apt – Page 41 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Sandworm APT group hit Ukrainian news agency with five data wipers

The Ukrainian (CERT-UA) discovered five different wipers deployed on the network of the country’s national news agency, Ukrinform. On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”. The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, […]

The post Sandworm APT group hit Ukrainian news agency with five data wipers appeared first on Security Affairs.

January 30, 2023

0 comment

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandwork (aka BlackEnergy and TeleBots) is behind the wiper attacks. The Sandworm group has been […]

The post Sandworm APT targets Ukraine with new SwiftSlicer wiper appeared first on Security Affairs.

January 28, 2023

0 comment

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

The U.K. National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. The U.K. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals. The UK agency reported ongoing spear-phishing […]

The post UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups appeared first on Security Affairs.

January 27, 2023

0 comment

North Korea-linked TA444 group turns to credential harvesting activity

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

The post North Korea-linked TA444 group turns to credential harvesting activity appeared first on Security Affairs.

January 25, 2023

0 comment

DragonSpark threat actor avoids detection using Golang source code Interpretation

Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

January 25, 2023

0 comment

FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

The U.S. FBI attributes the $100 million cyber heist against Harmony Horizon Bridge to North Korea-linked Lazarus APT. The U.S. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge. “The FBI continues […]

The post FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist appeared first on Security Affairs.

January 24, 2023

0 comment

What your SOC will be facing in 2023

Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in 2023?

January 23, 2023

0 comment

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]

The post Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October appeared first on Security Affairs.

January 20, 2023

0 comment

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

January 19, 2023

0 comment

Espionage Meets Color: Dark Pink APT Group Revealed

By Habiba Rashid
The Dark Pink APT group has been targeting countries in the APAC region.
This is a post from HackRead.com Read the original post: Espionage Meets Color: Dark Pink APT Group Revealed

January 11, 2023

0 comment

1 … 39 40 41 42