More results...
11 state-sponsored APTs exploit malicious .lnk files for espionage and data theft, with ZDI uncovering 1,000 such files used in attacks. At least 11 state-sponsored threat groups have been abusing Windows shortcut files for espionage and data theft, according to an analysis by Trend Micro’s Zero Day Initiative (ZDI). Trend ZDI researchers discovered 1,000 malicious […]
ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.
The post 11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft appeared first on SecurityWeek.
In a sophisticated phishing campaign uncovered by the BI.ZONE Threat Intelligence team, the Squid Werewolf group, also known as APT37, has been impersonating recruiters to target key employees in various organizations. This espionage cluster uses fake …
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. North Korea-linked threat actor ScarCruft (aka APT37, Reaper, and Group123) is behind a previously undetected Android surveillance tool named KoSpy that was used to target Korean and English-speaking users. ScarCruft has been active since at least 2012, it made the […]
In a significant development in the cybersecurity landscape, APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations. Active since 2018, this Ad…
The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.
The post North Korean Hackers Distributed Android Spyware via Google Play appeared first on SecurityWeek.
Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to […]
The cybersecurity landscape witnessed a significant development when the National Police Agency (NPA) and the National center of Incident readiness and Strategy for Cybersecurity (NISC) released a security advisory on January 8, 2025. This advisory hig…
South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.
The post 1,600 Victims Hit by South American APT’s Malware appeared first on SecurityWeek.
The APT group SideWinder targets maritime and logistics companies across South and Southeast Asia, the Middle East, and Africa. Kaspersky researchers warn that the APT group SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) is targeting maritime, logistics, nuclear, telecom, and IT sectors across South Asia, Southeast Asia, the Middle East, and Africa. SideWinder (also […]