More results...
Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171.
The post Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI appeared first on SecurityWeek.
FBI warns FSB-linked group Static Tundra is exploiting a 7-year-old Cisco IOS/IOS XE flaw to gain persistent access for cyber espionage. The FBI warns that Russia-linked threat actor Static Tundra exploits Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to target organizations in the […]
The Scaly Wolf advanced persistent threat (APT) gang has once again targeted a Russian engineering company in a sophisticated targeted attack that was discovered by Doctor Web’s analysts. This shows that the group is determined to obtain corporat…
APT group UAT-7237, linked to UAT-5918, targets web infrastructure in Taiwan using customized open-source tools to maintain long-term access. A Chinese-speaking advanced persistent threat (APT) group, tracked as UAT-7237, has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. […]
Bitdefender Labs has identified a sophisticated advanced persistent threat (APT) group dubbed “Curly COMrades,” active since mid-2024, targeting critical infrastructure in geopolitically sensitive regions. This Russian-aligned actor has foc…
New Charon ransomware targets Middle East public sector and aviation, using APT-style tactics, EDR evasion, and victim-specific ransom notes. Cybersecurity researchers have discovered a new campaign that employs a previously undocumented ransomware family called Charon to target the Middle East’s public sector and aviation industry. The threat actor behind the activity, according to Trend Micro, […]
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using …
Researchers at cybersecurity firm Profero cracked DarkBit ransomware encryption, allowing victims to recover files for free. Good news for the victims of the DarkBit ransomware, researchers at cybersecurity firm Profero cracked the encryption process, allowing victims to recover files for free without paying the ransom. However, at this time, the company has yet to release […]
Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remote…
Splunk has introduced PLoB (Post-Logon Behaviour Fingerprinting and Detection) in a world where compromised credentials remain the primary vector for initial access in more than half of cybersecurity incidents, as noted in the Cisco Talos IR Trends rep…