apt – Page 32 – MCYSEKA-Maritime Cyber Security Knowledge Archive

SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies

China-linked APT group was spotted using HTML smuggling in attacks aimed at Foreign Affairs ministries and embassies in Europe. A China-linked APT group was observed using HTML smuggling in attacks against Foreign Affairs ministries and embassies in Europe, reports the cybersecurity firm Check Point. The researchers tracked the campaign as SmugX and reported that it […]

The post SmugX: Chinese APT uses HTML smuggling to target European Ministries and embassies appeared first on Security Affairs.

July 3, 2023

0 comment

Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware

Researchers spotted a new version of the RustBucket Apple macOS malware that supports enhanced capabilities. Researchers from the Elastic Security Labs have spotted a new variant of the RustBucket Apple macOS malware. In April, the security firm Jamf observed the North Korea-linked BlueNoroff APT group using a new macOS malware, dubbed RustBucket. The group BlueNoroff is considered a group that […]

The post Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware appeared first on Security Affairs.

July 3, 2023

0 comment

Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware

The post Experts detected a new variant of North Korea-linked RUSTBUCKET macOS malware appeared first on Security Affairs.

July 3, 2023

0 comment

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]

The post Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor appeared first on Security Affairs.

June 30, 2023

0 comment

North Korea-linked Andariel APT used a new malware named EarlyRat last year

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government. The […]

The post North Korea-linked Andariel APT used a new malware named EarlyRat last year appeared first on Security Affairs.

June 30, 2023

0 comment

Rapid7: Japan Threat Landscape Takes on Global Significance

Rapid7 analyzes the Japan threat landscape and warns that attacks against the third-largest economy in the world have global consequences.
The post Rapid7: Japan Threat Landscape Takes on Global Significance appeared first on SecurityWeek.

June 29, 2023

0 comment

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon, using a novel tradecraft to gain initial access to target networks. The Volt Typhoon group has been active since at least mid-2021 […]

The post China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks appeared first on Security Affairs.

June 26, 2023

0 comment

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that the Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 […]

The post Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities appeared first on Security Affairs.

June 21, 2023

0 comment

Dissecting TriangleDB, a Triangulation spyware implant

In researching Operation Triangulation, we set ourselves the goal to retrieve as many parts of the exploitation chain as possible. As of now, we have finished analyzing the spyware implant and are ready to share the details.

June 21, 2023

0 comment

Barracuda ESG zero-day exploited by China-linked APT

Experts linked the UNC4841 threat actor behind the attacks exploiting the recently patched Barracuda ESG zero-day to China. Mandiant researchers linked the threat actor UNC4841 behind the attacks that exploited the recently patched Barracuda ESG zero-day vulnerability to China. “Through the investigation, Mandiant identified a suspected China-nexus actor, currently tracked as UNC4841, targeting a subset […]

The post Barracuda ESG zero-day exploited by China-linked APT appeared first on Security Affairs.

June 15, 2023

0 comment

1 … 30 31 32 33 34 … 42

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31