apt – MCYSEKA-Maritime Cyber Security Knowledge Archive

Amazon blocks APT29 campaign targeting Microsoft device code authentication

Amazon stopped a Russia-linked APT29 watering hole attack that hijacked Microsoft device code authentication via compromised sites. Amazon announced that it had disrupted an opportunistic watering hole campaign orchestrated by the Russia-linked cyber espionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes). Amazon experts labeled the attacks as an opportunistic watering hole campaign using compromised […]

August 31, 2025

0 comment

Amazon Takes Down Russian APT29 Infrastructure Targeting Users

Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest …

August 30, 2025

0 comment

Dutch intelligence warn that China-linked APT Salt Typhoon targeted local critical infrastructure

Dutch intelligence reports Chinese cyber spies (Salt Typhoon, RedMike) targeted the Netherlands, hitting critical infrastructure. The Dutch intelligence and security services MIVD and AIVD say Chinese cyber spies linked to Salt Typhoon (RedMike) targeted the Netherlands in a campaign hitting global critical infrastructure. In late 2024, a large-scale Chinese cyberespionage campaign targeting global telecoms was […]

August 29, 2025

0 comment

ShadowSilk Targets Penetration-Testing Tools and Public Exploits to Breach Organizations

Cybersecurity experts discovered an advanced persistent threat (APT) cluster called ShadowSilk in a thorough research published by Group-IB. Since at least 2023, this group has been actively breaching government institutions in Central Asia and the Asi…

August 28, 2025

0 comment

Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations

Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operat…

August 28, 2025

0 comment

New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios

Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-depth analysis by cybersecurity company Lares, allowing enterprises to strengthen their defenses through adversari…

August 28, 2025

0 comment

NSA, NCSC, and allies detailed TTPs associated with Chinese APT actors targeting critical infrastructure Orgs

NSA and allies warn that Chinese APT actors, including Salt Typhoon, are targeting critical infrastructure worldwide. The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and allies warn Chinese APT actors, linked to Salt Typhoon, are targeting global telecom, government, transport, lodging, and military sectors. “The National Security Agency (NSA) and […]

August 28, 2025

0 comment

China linked Silk Typhoon targeted diplomats by hijacking web traffic

The China-linked APT group Silk Typhoon targeted diplomats by hijacking web traffic to redirect it to a website that delivered malware. China-linked cyberespionage group Silk Typhoon targeted diplomats by hijacking web traffic to redirect to a website used to deliver malware, Google’s Threat Intelligence Group (GTIG) warns. Cyberspies hijacked a network’s captive portal using an […]

August 27, 2025

0 comment

APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files

Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardwar…

August 27, 2025

0 comment

Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure

A significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the No…

August 25, 2025

0 comment

1 2 3 … 39

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30