Cybercrime, Ukraine is targeted with DarkCrystal RAT
CERT-UA cybersecurity experts: "Free primary legal aid" email and password protected "Algorithm of actions of members of the family of a missing serviceman LegalAid.rar" spread the malware.
Cybercrime, BRATA is evolving into an APT
Cleafy cybersecurity experts: Threat actors behind the malware now target a specific financial institution at a time, and change their focus only once the victim starts to implement countermeasures.
Cyber Espionage, Aoqin Dragon is under the radar since 2013
Sentinel Labs cybersecurity experts: The the pro-China APT seeks initial access via document lures with porn themes and makes heavy use of USB shortcut techniques to spread malware.
Cyber Warfare, Russia targeted by an APT since the invasion of Ukraine
MalwareBytes cybersecurity experts find 4 campaigns to spread a RAT with different baits but the same custom malware.
Cybercrime, Bangladesh under attack by Bitter with a new malware
Cisco Talos cybersecurity experts: The Trojan, dubbed ZxxZ, is spread via with a themed lure document sent to high-ranking officers of the Police RAB.
Cyber Espionage, APT37 targets journalists with Goldbackdoor
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).
Cybercrime, Lazarus targets blockchain companies with TraderTraitor
The North Korea’s APT uses spear phishing emails to cryptocurrency firm employees that mimic recruitments for high-paying jobs: Goal: to download the malware.
Cybercrime, some APTs can fully access ICS / SCADA devices
DoE, CISA, NSA and FBI cybersecurity experts from: They have developed custom tools that attack Schneider Electric and OMRON Sysmac NEX PLCs, and OPC-UA.
Cyber Espionage, new global campaign by Cicada
Symantec cybersecurity experts: The China-linked APT used unpatched vulnerabilities in Microsoft Exchange, the Sodamaster backdoor and other custom malware and tools.
Cyber Espionage, Process Manager is a new spyware for Android
Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla's work, but there is no confirmation.