Cyber Espionage, StrongPity targets Kurdish community in Syria
Bitdefender cyber security experts: The APT leveraged Trojanized popular tools and could be linked to Turkey. Victims are screened based on a targets list.
Cyber Espionage, Ke3chang exploit a new tool: Ketrum
Intezer cyber security experts: The malware merges the features from Ketrican and Okrum. The APT continues to morph its code and switch basic functionalities in the various backdoors.
Cyber Espionage, Naikon is back with a new malware
Check Point cyber security experts: The China-linked APT exploited the Aria-body backdoor to attack several governments in APAC. It uses different infection chains to deliver the malicious code.
Cyber Warfare, US expose new North Korea’s malware
The cyber security experts: They are COPPERHEDGE, TAINTEDSCRIBE, and PEBBLEDASH: a RAT and two trojans. Last February six other HIDDEN COBRA’s malicious codes were discovered.
Cyber Espionage, APT32 targets Chinese government on coronavirus
FireEye cyber security experts: The Vietnam’s group, aka Ocean Lotus, tried to collect intelligence on the anti COVID-19 response. The weapons are spear phishing and METALJACK malware.
Cybercrime, has “FIN6” partnered with the “TrickBot” operators?
Digital Shadows cyber security experts: In a recently cyber-threat campaign, the financially motivated APT allegedly used “Anchor”, a framework associated with the malware.
Cyber Espionage, APT37 is back with a new spear phishing campaign
Digital Shadows and ESTsecurity cyber security experts: North Korea’s hackers exploited cloud-related platforms to distribute malware, evade detection, and minimize the group’s footprint.
Cyber Espionage, North Korea’s Kimsuki evolves its TTPs
Yoroi-ZLab cyber security experts: The APT exploits a malware, compatible with the previous campaigns, and a new strategy to avoid being detected.
Cyber Espionage, Iran still targets Lebanon government
Cyber security experts found an update of the Karkoff implant, used by APT34. It proves that group is still operating and that a new campaign is active. The malware is delivered through spear-phishing emails.
Cyber Warfare, APT34/OilRig and APT33/Elfin cooperated in Fox Kitten Campaign
ClearSky cyber security experts: Iran-linked APTs hit dozens of companies and organizations around the world. They exploit vulnerabilities in systems with VPN-RDP services.