Cyber Espionage, Chinese APTs use new malware to hit targets in US and Europe
FireEye cybersecurity experts: Threat actors as UNC2630 and UNC2717 are still compromising Pulse Secure VPN devices to infiltrate organizations.
Cyber Espionage, Pulse Connect Secure flaws exploited by APTs
FireEye cybersecurity experts: UNC2630 and UNC2717 use the CVE-2021-22893 to spy US and European government, defense, and financial organizations.
Cybercrime, SolarWinds attackers deploy Sunshuttle as a second stage payload
FireEye cybersecurity experts: The malware uses cookie headers to pass values to the C2 and can select referrers from a list of popular websites.
Cybercrime, UNC2452 leverages SolarWinds supply chain
FireEye cybersecurity experts: The goal is to compromise multiple global victims with SUNBURST malware. The campaign is ongoing.
Cyber Espionage, APT32 targets Chinese government on coronavirus
FireEye cyber security experts: The Vietnam’s group, aka Ocean Lotus, tried to collect intelligence on the anti COVID-19 response. The weapons are spear phishing and METALJACK malware.
Cyber Security, Ransomware are deployed 3 days after organization’s infiltration
FireEye cyber security experts: Cybercrime execute malware after working hours and on weekend. Infection vectors: RDP, phishing with link-attachment, and drive by download.
Cyber Espionage, Iran’s APT34 attacks US targets with new tools
Intezer cyber security experts: Tehran’s hackers is targeting Westat employees or organizations that use the company services with TONEDEAF 2.0 and VALUEVAULT 2.0 malware.
Cyber Security, Citrix released the patch for the CVE-2019-19781 vulnerability
It covers the flaw in Application Delivery Controller (ADC) and Gateway. It’s imperative to install it now. Meanwhile, cybercrime tried to exploit it, also with fake security tools as NOTROBIN.
Cyber espionage: here it is the new Iran-linked APT34 campaign unveiled
FireEye cyber security experts: Malicious hackers masqueraded as a member of Cambridge University, used LinkedIn to deliver malicious documents and three new malware families.
Iran hackers increase cyber attacks against US. Will a cyber war begin?
The cyber security experts: Targets are government and critical infrastructures, as oil and gas. But this happened before CYBERCOM strike. There are risks of back-and-forth cyber warfare.