Cyber Espionage, new variant of Konni malware has been used to target Russia
Malwarebytes cybersecurity experts: It is been potentially linked to the North Korean’s APT37. The malware is distributed via spear phishing with 2 weaponized documents.
Cyber Espionage, APT28 now exploits the SkinnyBoy backdoor
Cluster 25 cybersecurity experts: The Russia-linked APT spreads the malware via spear phishing campaigns on a international scientific event in Spain.
Cyber Espionage, Chinese APTs use new malware to hit targets in US and Europe
FireEye cybersecurity experts: Threat actors as UNC2630 and UNC2717 are still compromising Pulse Secure VPN devices to infiltrate organizations.
Cyber Espionage, Chinese hackers exploit anti virus flaws to strike
Recorded Future cybersecurity experts: Unit 61419 bought small English AV batches from Western companies through intermediaries.
Cybercrime, Rocke Group uses a new malware to attack via saved SSH keys and weak passwords
Intezer cybersecurity experts: The China-linked APT’s code, after the victim has been infected, executes a Monero cryptominer.
Cyber Espionage, NAIKON exploited RainyDay to target military organizations in Asia
Bitdefender cybersecurity experts: China’s APT used the backdoor to compromise the victims’ network and to get to the information of interest.
Cyber Espionage, Pulse Connect Secure flaws exploited by APTs
FireEye cybersecurity experts: UNC2630 and UNC2717 use the CVE-2021-22893 to spy US and European government, defense, and financial organizations.
Cyber Espionage, APT34 is back with a new backdoor: SideTwist
CheckPoint cybersecurity experts: The Iranian threat actor, aka OilRig, used the malware in a campaign on a Lebanese target.
Cyber Espionage, North Korea’s hackers exploit military security magazines
ASEC cybersecurity experts: An APT uses the April issue of a monthly magazine in Word to distribute targeted malware.
Cyber Espionage, Facebook blocked Earth Empusa attacks on Uyghurs
The Chinese hackers (aka Evil Eye) targeted activists, journalists and dissidents with various TTPs to infect their devices with malware.