Intelligence – Page 17 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor

Iran-linked Charming Kitten group used an updated version of the PowerShell backdoor called POWERSTAR in a spear-phishing campaign. Security firm Volexity observed the Iran-linked Charming Kitten (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) group using an updated version of the PowerShell backdoor POWERSTAR in a spear-phishing campaign. Iran-linked Charming Kitten group, (aka APT35, Phosphorus, Newscaster, and Ajax Security Team) made the headlines in 2014 when experts at iSight issued […]

The post Iran-linked Charming Kitten APT enhanced its POWERSTAR Backdoor appeared first on Security Affairs.

June 30, 2023

0 comment

North Korea-linked Andariel APT used a new malware named EarlyRat last year

North Korea-linked cyberespionage group Andariel used a previously undocumented malware called EarlyRat. Kaspersky researchers reported that the North Korea-linked APT group Andariel used a previously undocumented malware dubbed EarlyRat in attacks exploiting the Log4j Log4Shell vulnerability last year. The Andariel APT (aka Stonefly) has been active since at least 2015, it was involved in several attacks attributed to the North Korean government. The […]

The post North Korea-linked Andariel APT used a new malware named EarlyRat last year appeared first on Security Affairs.

June 30, 2023

0 comment

The Way AI Learns Poses Risks So Large That They Almost ‘Supplant’ Threats From China

CIPHER BRIEF REPORTING — Back in March, a group of intelligence leaders testified before Congress with a warning: the Chinese Communist Party constitutes the “most […] More

The post The Way AI Learns Poses Risks So Large That They Almost ‘Supplant’ Threats From China appeared first on The Cipher Brief.

June 29, 2023

0 comment

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

China-linked APT group VANGUARD PANDA, aka Volt Typhoon, was spotted observing a novel tradecraft to gain initial access to target networks. CrowdStrike researchers observed the China-linked APT group VANGUARD PANDA, aka Volt Typhoon, using a novel tradecraft to gain initial access to target networks. The Volt Typhoon group has been active since at least mid-2021 […]

The post China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks appeared first on Security Affairs.

June 26, 2023

0 comment

Someone is sending mysterious smartwatches to the US Military personnel

U.S. Army’s Criminal Investigation Division warns that US military personnel have reported receiving unsolicited smartwatches in the mail. The U.S. Army’s Criminal Investigation Division reported that service members across the military received smartwatches unsolicited in the mail. Upon using these smartwatches, the devices automatically connected to Wi-Fi and began connecting to cell phones unprompted, gaining access to a huge quantity of […]

The post Someone is sending mysterious smartwatches to the US Military personnel appeared first on Security Affairs.

June 24, 2023

0 comment

Putin and the Million Dollar Question for Intelligence Analysts

CIPHER BRIEF EXPERT ANALYSIS – With Ukraine now solidly into its long-awaited counteroffensive, western leaders are looking for signs of what impact the new actions […] More

The post Putin and the Million Dollar Question for Intelligence Analysts appeared first on The Cipher Brief.

June 22, 2023

0 comment

Analyzing the TriangleDB implant used in Operation Triangulation

Kaspersky provided more details about Operation Triangulation, including the exploitation chain and the implant used by the threat actors. Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices. In early June, the researchers from the Russian firm Kaspersky uncovered a previously unknown […]

The post Analyzing the TriangleDB implant used in Operation Triangulation appeared first on Security Affairs.

June 22, 2023

0 comment

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that the Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 […]

The post Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities appeared first on Security Affairs.

June 21, 2023

0 comment

Lessons From Past Clashes With Moscow: A Conversation with Mike Vickers

Subscriber+Exclusive Interview — As Ukraine endeavors to push Russian forces from occupied territory, The Cipher Brief — in a bid to glean insights into the ongoing counteroffensive […] More

The post Lessons From Past Clashes With Moscow: A Conversation with Mike Vickers appeared first on The Cipher Brief.

June 16, 2023

0 comment

Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine

Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the […]

The post Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine appeared first on Security Affairs.

June 15, 2023

0 comment

1 … 15 16 17 18 19 … 24