Cybercrime, FIN7 and RYUK groups are cooperating
Truesec cybersecurity experts: Maybe the first one sold its TTPs to the ransomware gang, probably they are closely affiliated and may be part of the same network.
Cybercrime, PyMICROPSIA is the last trojan developed by AridViper
Palo Alto cybersecurity experts: The malware has been built with Python and it steals information on Windows machines.
Cyber Espionage: APT actors are targeting U.S. Think Tanks
FBI and CISA cybersecurity experts: malicious hackers are trying steal sensitive information, acquire user credentials, and gain persistent access to victim networks.
Cyber Espionage: BISMUTH is leveraging Monero crypto-miners
Microsoft cybersecurity experts: The goal is to stay under the radar and establish persistence in targeted networks. The APT attacked France and Vietnam.
Cyber Espionage, Kimsuky North Korea’s hackers exposed
US CISA, FBI, and CNMF cybersecurity experts: APT employs common social engineering tactics, spearphishing, and watering hole attacks to exfiltrate information.
Cyber Espionage, XDSpy hits Eastern Europe and Balkans since 2011
ESET cybersecurity experts: The targets are primarily government entities. The APT, until now undetected, exploits the XDDown malware and spear phishing.
Cyber Espionage, APT28 targets NATO members and partners with Zebrocy
QuoIntelligence cyber security experts: Russian state hackers exploit fake training docs to spread the malware. There are correlations with ReconHell/BlackWater attack.
Cyber Warfare, attacks on U.S. grow as elections approach
Microsoft cyber security experts: Foreign activity stepped up targeting the 2020 vote. It’s the work of well known actors as Strontium, Zirconium and Phosphorus.
Cyber Espionage, Chinese APT TA413 spreads a new RAT: Sepulcher
Proofpoint cyber security experts: The malware has been distributed in 2 different campaigns Covid-19 themed. One targeted many organisations in EU. The other, against Tibetan dissidents.
Cyber Espionage, Charming Kitten hackers renewed their TTPs
Clearsky cyber security experts: The Iranian APT started impersonating “Deutsche Welle” and the “Jewish Journal” using emails alongside WhatsApp messages and LinkedIn profiles.