More results...
The financially motivated threat cluster UNC6040, tracked by Google Threat Intelligence Group (GTIG), has been orchestrating a series of voice phishing (vishing) campaigns specifically aimed at compromising Salesforce environments of multinational corp…
The North Korean state-sponsored hacking group APT37 has launched a sophisticated spear phishing campaign in March 2025, targeting activists focused on North Korean issues. Disguised as invitations to an academic forum hosted by a South Korean national…
Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute.
The post Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names appeared first on SecurityWeek.
Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a hacked site. Google warns that China-linked APT41 used TOUGHPROGRESS malware with Google Calendar as C2, targeting various government entities via a compromised website. ” In late October 2024, GTIG discovered an exploited government website hosting malware being used to target multiple […]
Google Threat Intelligence Group (GTIG), a sophisticated malware campaign dubbed “TOUGHPROGRESS” has been uncovered, orchestrated by the notorious PRC-based threat actor APT41, also known as HOODOO. Identified in late October 2024, this cam…
The Czech government condemned China after linking cyber espionage group APT31 to a cyberattack on its critical infrastructure. The Czech government strongly condemned China after the cyber espionage group APT31 was linked to a cyberattack targeting the nation’s critical infrastructure. The Czech government condemned China after APT31 hackers infiltrated a ministry’s unclassified system in 2022 […]
Russia’s GRU-backed APT28, widely known as Fancy Bear, has intensified its cyber espionage campaign against NATO-aligned organizations. Active since at least 2007, this notorious threat actor has been attributed to a series of sophisticated attacks tar…
A new Russia-linked APT group, tracked as Laundry Bear, has been linked to a Dutch police security breach in September 2024. Netherlands General Intelligence and Security Service (AIVD) and the Netherlands Defence Intelligence and Security Service (MIVD) have linked a previously undetected Russia-linked group, tracked Laundry Bear (aka Void Blizzard), to a 2024 police breach. […]
Seqrite Labs, India’s largest malware analysis facility, has uncovered a sophisticated campaign dubbed Operation Sindoor, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy. Launched on May 7, 2025, this state-sponsored Advanced Persiste…
The DPRK-linked Velvet Chollima Advanced Persistent Threat (APT) group has launched a sophisticated cyberattack campaign targeting South Korean government officials, as well as NGOs, government agencies, and media organizations across North America, So…