Cyber Warfare, pro-Russian actors in Ukraine hit by PowerMagic-CommonMagic
Kaspersky cybersecurity experts: Victims navigate to a URL pointing to a ZIP archive with 2 files: a decoy document and a malicious LNK that leads to malware infection.
Cyber Espionage, here it comes Dark Pink
Group-IB cybersecurity experts: The APT is targeting mostly the APAC region. It exploits new TTPs, custom toolkit-malware and two core techniques.
Cybercrime, Lazarus spreads Applejeus via fake cryptocurrency apps
Volexity cybersecurity experts: The North Korea’s APT uses a fake trading website, that mimic a legit one, and DLL Side-loading to distribute the malware.
Cyber Espionage, Iran’s hackers targeted the US FCEB
The APT exploited the Log4Shell vulnerability, installed XMRig, moved laterally to the domain controller (DC), compromised credentials, and implanted Ngrok reverse proxies.
Cybercrime, Ukraine is targeted with DarkCrystal RAT
CERT-UA cybersecurity experts: "Free primary legal aid" email and password protected "Algorithm of actions of members of the family of a missing serviceman LegalAid.rar" spread the malware.
Cybercrime, BRATA is evolving into an APT
Cleafy cybersecurity experts: Threat actors behind the malware now target a specific financial institution at a time, and change their focus only once the victim starts to implement countermeasures.
Cyber Espionage, Aoqin Dragon is under the radar since 2013
Sentinel Labs cybersecurity experts: The the pro-China APT seeks initial access via document lures with porn themes and makes heavy use of USB shortcut techniques to spread malware.
Cyber Warfare, Russia targeted by an APT since the invasion of Ukraine
MalwareBytes cybersecurity experts find 4 campaigns to spread a RAT with different baits but the same custom malware.
Cybercrime, Bangladesh under attack by Bitter with a new malware
Cisco Talos cybersecurity experts: The Trojan, dubbed ZxxZ, is spread via with a themed lure document sent to high-ranking officers of the Police RAB.
Cyber Espionage, APT37 targets journalists with Goldbackdoor
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).