Recently linked campaigns reveal that Winter Vivern has targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign Affairs, and individuals within the Indian government.

A new hacker group, named YoroTrooper, was found targeting European nations and organizations in a cyberespionage campaign that started in June 2022. The attack begins with phishing emails with malicious shortcut files (LNK), along with legitimate PDF …

The Russian APT29 threat group abused multiple legitimate systems, including LegisWrite and eTrustEx, which are used by EU nations for exchanging info and data in a secure way.

Tick (aka Bronze Butler, REDBALDKNIGHT, Stalker Panda, and Stalker Taurus) is a suspected China-aligned collective that has primarily gone after government, manufacturing, and biotechnology firms in Japan. It’s said to be active since at least 2006.

YoroTrooper’s main tools include Python-based, custom-built, and open-source information stealers, such as the Stink stealer wrapped into executables via the Nuitka framework and PyInstaller.

Cybercriminals, purportedly of Asia-Pacific origin, have launched attacks aimed at government and military organizations in Southeast Asian countries. According to EclecticIQ, Dark Pink APT is behind the campaign and attempts to cripple systems via a c…

The Clop ransomware gang has begun extorting companies whose data was stolen using a zero-day flaw in the Fortra GoAnywhere MFT secure file-sharing solution. The extortion group said they used the flaw over ten days to steal data from 130 companies.

The Medusa operation started in June 2021 but had relatively low activity, with few victims. However, in 2023 the ransomware gang increased in activity and launched a ‘Medusa Blog’ used to leak data for victims who refused to pay a ransom.

Mandiant reports that since June 2022, the North Korean cyberespionage organization UNC2970 has been focusing on media and tech firms in the United States and Europe. Crims specifically targets security researchers of an enterprise using a job recruitm…

Mandiant says the particular group has previously targeted tech firms, media groups, and entities in the defense industry. Its latest campaign shows it has evolved its targeting scope and adapted its capabilities.