Cyber Espionage, North Korea’s APT37 spread Chinotto to monitor opponents
Kaspersky cybersecurity experts: The malware has been implemented in PowerShell, Windows and Android. The infection vector are spear phishing emails.
Cyber Espionage, new Iranian APT uses MSHTML RCE to steal Google-Instagram credentials
Safe Breach Labs cybersecurity experts: The threat actor infects victims via Farsi phishing emails with a PowerShell stealer malware.
Cyber Espionage, Iranian hackers increase attacks on IT services companies
Microsoft cybersecurity experts: The aim is to steal credentials belonging to downstream customer networks. India, Israel, UAE are the most hit targets.
Cyber Espionage, Ukraine intelligence identifies the ARMAGEDON hackers
The SSU cybersecurity experts: They are officers of the ‘Crimean’ FSB, who carried over 5,000 cyberattacks and attempted to infect over 1,500 government systems.
Cyber Espionage, IronHusky targets Defense and IT companies with MysterySnail
Kaspersky cybersecurity experts: The Chinese APT exploits the CVE-2021-40449 zero-day vulnerability in the Win32k kernel driver and the malware to escalate privileges.
Cyber Espionage, Iran DEV-0343 targets US-Israeli technology companies
Microsoft cybersecurity experts: The threat actors conducted extensive password spraying against more than 250 Office 365 tenants, included GIS and Persian Gulf ports.
Cybercrime, fake Amnesty International website spread Sarwent
Cisco Talos cybersecurity experts: The lure is the free availability of am anti Pegasus spyware tool, called AVPegasus. Indeed, the software is the malware.
Cyber Espionage, here it comes FamousSparrow
ESET cybersecurity experts: The group targets hotels, governments, and private companies worldwide, exploiting RCE and custom malware.
Cyber Espionage, Nobelium uses FoggyWeb as a backdoor
Microsoft cybersecurity experts: The APT exploits it to remotely exfiltrate sensitive information from a compromised AD FS server.
Cybercrime, JsOutProx is evolving and started targeting western financial organizations
Yoroi cybersecurity experts: The malware (aka TH-264) has improved protection mechanisms and can operate as a silent info stealer or run offensive plugins.