What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs 2022-10-18 14:15:09 China-linked APT41 group targets Hong Kong with Spyder Loader (direct link) China-linked threat actors APT41 (a.k.a. Winnti) targeted organizations in Hong Kong, in some cases remaining undetected for a year. Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage […] Threat Guideline APT 41 APT 17
SecurityAffairs 2022-10-04 07:05:05 Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group (direct link) Researchers link recently discovered Linux ransomware Cheerscrypt to the China-linked cyberespionage group DEV-0401. Researchers at cybersecurity firm Sygnia attributed the recently discovered Linux ransomware Cheerscrypt to the China-linked cyber espionage group Bronze Starlight (aka DEV-0401, APT10) Bronze Starlight, has been active since mid-2021, in June researchers from Secureworks reported that the APT group is deploying […] Ransomware APT 10
SecurityAffairs 2022-06-26 13:40:00 China-linked APT Bronze Starlight deploys ransomware as a smokescreen (direct link) China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from Secureworks reported that a China-linked APT group, tracked as Bronze Starlight (APT10), is deploying post-intrusion ransomware families to cover up the cyber espionage operations. The experts observed an activity cluster involving post-intrusion ransomware such as […] Ransomware APT 10
SecurityAffairs 2022-05-13 06:52:53 Iran-linked COBALT MIRAGE group uses ransomware in its operations (direct link) Iranian group used Bitlocker and DiskCryptor in a series of attacks targeting organizations in Israel, the US, Europe, and Australia. Researchers at Secureworks Counter Threat Unit (CTU) are investigating a series of attacks conducted by the Iran-linked COBALT MIRAGE APT group. The threat actors have been active since at least June 2020 and are linked […] Ransomware Threat APT 15 APT 15 ★★★★
SecurityAffairs 2022-04-09 12:06:00 China-linked threat actors target Indian Power Grid organizations (direct link) China-linked threat actors continue to target Indian power grid organizations, most of the attacks involved the ShadowPad backdoor. Recorded Future’s Insikt Group researchers uncovered a campaign conducted by a China-linked threat actor targeting Indian power grid organizations. The security firm is tracking this cluster of malicious activities under the moniker Threat Activity Group 38 aka […] Threat APT 1
SecurityAffairs 2022-04-03 15:44:11 China-linked APT Deep Panda employs new Fire Chili Windows rootkit (direct link) The China-linked hacking group Deep Panda is targeting VMware Horizon servers with the Log4Shell exploit to install a new Fire Chili rootkit. Researchers from Fortinet have observed the Chinese APT group Deep Panda exploiting a Log4Shell exploit to compromise VMware Horizon servers and deploy previously undetected Fire Chili rootkit. The experts observed opportunistic attacks against organizations […] APT 19
SecurityAffairs 2022-02-22 13:20:44 China-linked APT10 Target Taiwan's financial trading industry (direct link) China-linked APT group APT10 (aka Stone Panda, Bronze Riverside) targets Taiwan’s financial trading sector with a supply chain attack. The campaign was launched by the APT10 group started in November 2021, but it hit a peak between 10 and 13 2022, Taiwanese cybersecurity firm CyCraft reported. The group (also known as Cicada, Stone Panda, MenuPass group, […] APT 10 APT 10
SecurityAffairs 2021-12-07 10:09:54 Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group (direct link) Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. Microsoft announced to have obtained a court warrant that allowed it to seize 42 domains used by a China-linked APT15 group (aka Nickel, Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) in recent operations that targeted organizations in the US and 28 other countries. […] APT 15 APT 25
SecurityAffairs 2020-11-18 20:27:53 China-linked APT10 leverages ZeroLogon exploits in recent attacks (direct link) Researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability. Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability. The group, also known as Cicada, Stone Panda, and Cloud Hopper, has been active at […] Threat APT 10
SecurityAffairs 2020-05-28 07:51:22 Ke3chang hacking group adds new Ketrum malware to its arsenal (direct link) The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. The Ke3chang hacking group (aka APT15, Vixen Panda, Playful Dragon, and Royal APT) has developed new malware dubbed Ketrum by borrowing parts of the source code and features from their older Ketrican and […] Malware APT 15 APT 25
SecurityAffairs 2019-07-24 03:07:00 (Déjà vu) China-Linked APT15 group is using a previously undocumented backdoor (direct link) ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Security researchers at ESET reported that China-linked threat actor APT15 (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has been using a previously undocumented backdoor for more than two years. APT15 has been active […] Threat APT 15 APT 25
SecurityAffairs 2019-05-28 05:48:02 APT10 is back with two new loaders and new versions of known payloads (direct link) The APT10 group has added two new malware loaders to its arsenal and used in attacks aimed at government and private organizations in Southeast Asia. In April 2019, China-linked cyber-espionage group tracked as APT10 has added two new loaders to its arsenal and used it against government and private organizations in Southeast Asia. The group […] Malware APT 10
SecurityAffairs 2018-10-19 07:06:03 Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew (direct link) Security researchers from McAfee have recently uncovered a cyber espionage campaign, tracked as Operation Oceansalt, targeting South Korea, the United States, and Canada. The threat actors behind Operation Oceansalt are reusing malware previously associated with China-linked cyberespionage group APT1. “McAfee Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users.” reads the report. “We […] Malware Threat APT 32 APT 1
SecurityAffairs 2018-09-15 08:34:01 China-linked APT10 group behind new attacks on the Japanese media sector (direct link) Recently researchers from FireEye uncovered and blocked a campaign powered by the Chinese APT10 cyber espionage group aimed at Japanese media sector In July, security researchers from FireEye uncovered and blocked a campaign carried out by Chinese APT10 group (aka Menupass, and Stone Panda) aimed at Japanese media sector. Experts noticed the group since around […] APT 10
SecurityAffairs 2018-09-10 18:59:03 Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks (direct link) Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda, APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group […] Threat APT 27 APT 1 ★★★
SecurityAffairs 2018-06-18 12:41:02 China-Linked APT15 is still very active, experts found its new malware tracked as 'MirageFox' (direct link) Following the recent hack of a US Navy contractor security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing the code from one of the tool he used in past […] APT 15 APT 25
SecurityAffairs 2018-06-14 06:23:04 China-linked Emissary Panda APT group targets National Data Center in Asia (direct link) A China-linked APT group, LuckyMouse, Emissary Panda, APT27 and Threat Group 3390, has targeted a national data center in Central Asia. The APT group has been active since at least 2010, the crew targeted U.S. defense contractors and financial services firms worldwide. In March 2018, security experts at Kaspersky Lab have observed an attack powered by the […] APT 27 APT 1
SecurityAffairs 2018-03-12 18:07:04 China-Linked APT15 used new backdoors in attack against UK Government's service provider (direct link) China-Linked APT15 used new backdoors is an attack that is likely part of a wider operation aimed at contractors at various UK government departments and military organizations. Last week Ahmed Zaki, a senior malware researcher at NCC Group, presented at the Kaspersky's Security Analyst Summit (SAS), details of a malware-based attack against the service provider for the […] APT 15
SecurityAffairs 2017-10-04 11:12:03 Intezer researchers link CCleaner hack to Chinese APT17 hackers (direct link) Researchers from security firm Intezer speculate that the attack was powered by nation-state actor, likely the Chinese APT17 group. Security experts continue to investigate the recent attack against the supply chain of the popular software CCleaner. The hackers first compromised in July a CCleaner server, then exploited it to deliver a backdoored version of the 32-bit CCleaner […] CCleaner APT 17
SecurityAffairs 2017-09-20 10:49:05 Viacom left the keys of its digital kingdom on a publicly exposed AWS S3 bucket (direct link) The security researcher Chris Vickery discovered that Media giant Viacom left sensitive data and secret access key on unsecured Amazon AWS S3 bucket. Media giant Viacom left sensitive data and secret access key on unsecured Amazon AWS S3 bucket, a gift for hackers. Viacom controls Paramount Pictures, MTV, Comedy Central and Nickelodeon. The huge trove of data store […] APT 15
Last update at: 2024-05-06 19:08:11