Cyber Warfare, Russia targeted by an APT since the invasion of Ukraine
MalwareBytes cybersecurity experts find 4 campaigns to spread a RAT with different baits but the same custom malware.
Cyber Espionage, Turla targets NATO-Europe with typosquatting
Sekoia cybersecurity experts: The pro-Russia APT simulates the Baltic Defense College, the Austrian Economic Chamber and NATO’s JDAL platform for reconnaissance purpose.
Cybercrime, Bangladesh under attack by Bitter with a new malware
Cisco Talos cybersecurity experts: The Trojan, dubbed ZxxZ, is spread via with a themed lure document sent to high-ranking officers of the Police RAB.
Cyber Espionage, new spear phishing campaign by Override Panda (APT 30)
Cluster 25 cybersecurity experts: The Chinese APT tries to deliver a beacon of a Red Team framework known as “Viper”.
Cyber Espionage, APT37 targets journalists with Goldbackdoor
Stairwell cybersecurity experts: The new North Korea’s malware spread via messages sent from the personal email of a former director of South Korea’s National Intelligence Service (NIS).
Cyber Espionage, new global campaign by Cicada
Symantec cybersecurity experts: The China-linked APT used unpatched vulnerabilities in Microsoft Exchange, the Sodamaster backdoor and other custom malware and tools.
Cyber Espionage, Process Manager is a new spyware for Android
Lab52 cybersecurity researchers: The App steals information from mobile devices and sends it to a server in Russia. It looks like Turla's work, but there is no confirmation.
Cyber Espionage, Mustang Panda targets European diplomats with Hodur
ESET cybersecurity experts: The China-linked APT exploits the Korplug malware variant with decoy documents on Russia’s invasion of Ukraine and COVID-19.
Cyber Espionage, Russian hackers exploit MFA protocols and “PrintNightmare” flaw
FBI-CISA cybersecurity experts: The threat actors used a misconfigured account set to default MFA protocols and the (CVE-2021-34527).
Cybercrime, here it come Daxin: a new stealthy backdoor made in China
Symantec cybersecurity experts: The Slug malware uses hijacked TCP communications to connect on networks with strict firewall rules for cyber espionage purpose.