DragonSpark threat actor avoids detection using Golang source code Interpretation

A Chinese threat actor tracked as DragonSpark targets organizations in East Asia with Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed the open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

January 25, 2023

FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

The U.S. FBI attributes the $100 million cyber heist against Harmony Horizon Bridge to the North Korea-linked Lazarus APT. The U.S. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the blockchain company Harmony Horizon Bridge. “The FBI continues […]

The post FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist appeared first on Security Affairs.

January 24, 2023

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]

The post Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October appeared first on Security Affairs.

January 20, 2023

StrongPity APT spreads backdoored Android Telegram app via fake Shagle site

The StrongPity APT group targeted Android users with a trojanized version of the Telegram app served through a website impersonating a video chat service called Shagle. ESET researchers reported that the StrongPity APT group targeted Android users with a trojanized version of the Telegram app. The campaign has been active since November 2021; threat actors served the malicious app […]

The post StrongPity APT spreads backdoored Android Telegram app via fake Shagle site appeared first on Security Affairs.

January 11, 2023

Russia-linked Cold River APT targeted US nuclear research laboratories

The Russia-linked Cold River APT targeted three nuclear research laboratories in the United States in the summer of 2022, Reuters reported. Reuters reported that the Russia-linked APT group Cold River (aka Calisto) targeted three nuclear research laboratories in the United States between August and September 2022. The Cold River APT group targeted the Brookhaven (BNL), Argonne (ANL), and […]

The post Russia-linked Cold River APT targeted US nuclear research laboratories appeared first on Security Affairs.

January 9, 2023

Defensive Security Podcast Episode 213

https://www.theguardian.com/business/2018/mar/14/equifax-insider-trading-data-breach-jun-ying-charged
https://gizmodo.com/us-power-company-fined-2-7-million-over-security-flaws-1823745994
https://www.csoonline.com/article/3262551/data-protection/are-yo…

March 21, 2018