Sekoia cybersecurity experts: The pro-Russia APT simulates the Baltic Defense College, the Austrian Economic Chamber and NATO’s JDAL platform for reconnaissance purpose.
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).
Symantec cybersecurity experts: The China-linked APT used unpatched vulnerabilities in Microsoft Exchange, the Sodamaster backdoor and other custom malware and tools.
Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla's work, but there is no confirmation.
ESET cybersecurity experts: The China-linked APT exploits the Korplug malware variant with decoy documents on Russia’s invasion of Ukraine and COVID-19.
Symantec cybersecurity experts: The Slug malware uses hijacked TCP communications to connect on networks with strict firewall rules for cyber espionage purpose.