apt – Page 46 – MCYSEKA-Maritime Cyber Security Knowledge Archive

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

Poland intelligence linked the Russian APT29 group to a series of attacks targeting NATO and European Union countries. Poland’s Military Counterintelligence Service and its Computer Emergency Response Team linked a recent string of attacks targeting NATO and European Union countries to the Russia-linked APT29 group (aka SVR group, Cozy Bear, Nobelium, and The Dukes). APT29 along with APT28 cyber espionage group […]

The post The Russia-linked APT29 is behind recent attacks targeting NATO and EU appeared first on Security Affairs.

April 13, 2023

0 comment

Following the Lazarus group by tracking DeathNote campaign

The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. In this blog, we’ll focus on an active cluster that we dubbed DeathNote.

April 12, 2023

0 comment

Iran-linked MERCURY APT behind destructive attacks on hybrid environments

Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. The Microsoft Threat Intelligence team observed a series of destructive attacks on hybrid environments that were carried out by MuddyWater APT group (aka MERCURY). Threat actors masqueraded the attacks as a standard ransomware operation. MERCURY (aka MuddyWater, SeedWorm and TEMP.Zagros) has been active since […]

The post Iran-linked MERCURY APT behind destructive attacks on hybrid environments appeared first on Security Affairs.

April 10, 2023

0 comment

Phishing from threat actor TA473 targets US and NATO officials

These phishing campaigns are exploiting a Zimbra vulnerability and affecting internet-facing webmail services. Learn how to protect your organization from this security threat.
The post Phishing from threat actor TA473 targets US and NATO officials app…

April 7, 2023

0 comment

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere. Google experts are tracking ARCHIPELAGO since […]

The post Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group appeared first on Security Affairs.

April 6, 2023

0 comment

3CX Supply chain attack allowed targeting cryptocurrency companies

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product. The products from multiple cybersecurity vendors started detecting the popular […]

The post 3CX Supply chain attack allowed targeting cryptocurrency companies appeared first on Security Affairs.

April 4, 2023

0 comment

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

A DLL named guard64.dll, which was loaded into the infected 3CXDesktopApp.exe process, was used in recent deployments of a backdoor that we dubbed “Gopuram” and had been tracking internally since 2020.

April 3, 2023

0 comment

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Files leaked by Russian IT contractor NTC Vulkan show that Russia-linked Sandworm APT requested it to develop offensive tools. Documents leaked from Russian IT contractor NTC Vulkan show it was likely involved in the development of offensive tools. The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm. The Sandworm group […]

The post Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal appeared first on Security Affairs.

April 2, 2023

0 comment

Russian APT group Winter Vivern targets email portals of NATO and diplomats

Russian hacking group Winter Vivern has been actively exploiting Zimbra flaws to steal the emails of NATO and diplomats. A Russian hacking group, tracked Winter Vivern (aka TA473), has been actively exploiting vulnerabilities (CVE-2022-27926) in unpatched Zimbra instances to gain access to the emails of NATO officials, governments, military personnel, and diplomats. The CVE-2022-27926 flaw […]

The post Russian APT group Winter Vivern targets email portals of NATO and diplomats appeared first on Security Affairs.

March 31, 2023

0 comment

New Mélofée Linux malware linked to Chinese APT groups

Exatrack researchers warn of an unknown China-linked hacking group that has been linked to a new Linux malware, dubbed Mélofée. Cybersecurity researchers from ExaTrack recently discovered a previously undetected malware family, dubbed Mélofée, targeting Linux servers. The researchers linked with high-confidence this malware to China-linked APT groups, in particular the Winnti group. The Mélofée malware includes a […]

The post New Mélofée Linux malware linked to Chinese APT groups appeared first on Security Affairs.

March 30, 2023

0 comment

1 … 44 45 46 47 48 … 51