Heimadal Security

SEPTEMBER 28, 2021

It is classified as an advanced persistent threat APT29 by the US […]. The post A Custom Malware Is Used by Nobelium APT to Backdoor Windows Domains appeared first on Heimdal Security Blog. Cozy Bear is a Cybercriminal organization suspected to be linked to one or more Russian intelligence services.

Malware 115

Malware Hacking Cybersecurity 115

Heimadal Security

JULY 16, 2021

Security specialists at Kaspersky have discovered a rare, large-scale Advanced Persistent Threat (APT) operation against users in Southeast Asia, especially in Myanmar and the Philippines. The post Asian Government Entities Targeted by Chinese Cyberspies in APT Campaign appeared first on Heimdal Security Blog.

Government 95

Government Phishing Cybersecurity 95

Heimadal Security

JANUARY 14, 2022

BlueNoroff, a North Korean Advanced Persistent Threat (APT) group, has been observed using malicious documents and bogus MetaMask browser extensions in attacks targeting small and medium-sized cryptocurrency startups.

Cryptocurrency 127

Cryptocurrency Hacking Cybersecurity 127

Heimadal Security

JANUARY 11, 2023

The Advanced Persistent Threat (APT) known as StrongPity has been observed distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor. The post StrongPity Hackers Are Targeting Android Users via Malicious Telegram App appeared first on Heimdal Security Blog.

Encryption 100

Encryption Cybersecurity 100

Heimadal Security

MAY 5, 2022

Naikon, a Chinese-state-sponsored Advanced Persistent Threat (APT) undergoes scrutiny once again following the discovery of a new set of TTPs (Tactics, Techniques, and Procedures). The post Chinese State-Sponsored APT Naikon Resurfaces with New Tactics, Techniques, and Procedures (TTPs).

Surveillance 106

Surveillance Cybersecurity 106

CSO Magazine

NOVEMBER 3, 2022

It's an example of how APT (advanced persistent threat) actors are constantly updating old attack tools and creating new ones to launch new malicious campaigns, particularly against mobile devices. “In To read this article in full, please click here

VPN 117

VPN Spyware Media Mobile 117

Heimadal Security

JULY 8, 2021

An advanced persistent threat (APT) group dubbed SideCopy that predominantly targets Indian army personnel has increased its activity this year and is currently using new custom Remote Access Trojans (RATs) in operations across India. Last […]. Last […].

Government 117

Government Cybersecurity 117

Heimadal Security

DECEMBER 21, 2022

The unsuccessful attack, which was attributed to Russia’s Federal Security Service (FSB), was just one of multiple intrusions orchestrated by advanced persistent threats (APTs). The post Russian Hackers Targeted Petroleum Refinery in NATO Country appeared first on Heimdal Security Blog.

Cybersecurity 92

Cybersecurity 92

NetSpi Executives

DECEMBER 21, 2023

NetSPI has updated Attack Surface Management (ASM) coverage for CVE-2023-42793 and released a Breach and Attack Simulation (BAS) Playbook that allows you to quickly test if you have detection coverage for the TTPS used in a recent campaign by Russian Foreign Intelligence Service Actors also known as APT 29.

Backups 114

Backups Authentication Internet Internet 114

Heimadal Security

FEBRUARY 11, 2022

It has been discovered that a hacking group dubbed ‘ModifiedElephant’, described as an APT (advanced persistent threat) actor has been engaging in its malicious activities in secret for a decade, avoiding detection and correlation between attacks due to the employed methods.

Hacking 116

Hacking Cybersecurity 116

Heimadal Security

DECEMBER 10, 2021

The Advanced Persistent Threat (APT) known as StrongPity is distributing malware-laced Notepad++ installers to infect their victims. APT #StrongPity NotePad++ installer(npp.8.1.7.Installer.x64.exe) APT #StrongPity NotePad++ installer(npp.8.1.7.Installer.x64.exe) Installer.x64.exe) Installer.x64.exe)

Malware 93

Malware Cybercrime Cybersecurity 93

Heimadal Security

JULY 16, 2021

Charming Kitten, an Advanced Persistent Threat (APT) group believed to be Iran-based, is operational again and looking to get sensitive information as it impersonates U.K. academics focused on Middle Eastern affairs. Source It is believed that the spear-phishing campaign began around January this year.

Phishing 105

Phishing Cybersecurity 105

Heimadal Security

MARCH 3, 2023

This advanced persistent threat (APT), also known as TA416 and Bronze President, targets organizations worldwide with customized versions of PlugX malware. This year, the Chinese cyberespionage group Mustang Panda began deploying a new custom backdoor named ‘MQsTTang’ in attacks.

Malware 75

Malware Government Cybersecurity 75

Heimadal Security

APRIL 6, 2022

A lasting malicious campaign employed by threat actors linked to the Chinese government has been recently discovered by security experts. A Chinese state-backed advanced persistent threat (APT) group is attacking organizations around the globe in a likely espionage […].

Media 92

Media Malware Government Cybersecurity 92

Heimadal Security

OCTOBER 27, 2021

Lazarus Group, the Advanced Persistent Threat (APT) hacking group linked to the North Korean government, has shifted its attention to new targets, with cybersecurity researchers noticing that the actor is expanding its supply chain attack capabilities.

Hacking 89

Hacking Government Cybersecurity 89

Heimadal Security

APRIL 2, 2021

APT stands for Advanced Persistent Threat. Behind an APT attack there usually are some highly skilled hackers that have very specific targets and a “low-and-slow” approach when it comes to directing and executing their misdemeanours. Read on to find more!

71

71

Heimadal Security

OCTOBER 22, 2021

The Russian Advanced Persistent Threat (APT) group FIN7 is trying to break into the lucrative ransomware market by creating bogus cybersecurity organizations that perform network attacks under the pretense of pentesting (penetration testing), also known as ethical hacking. appeared first on Heimdal Security Blog.

Penetration Testing 89

Penetration Testing Ransomware Marketing Hacking 89

Heimadal Security

DECEMBER 7, 2022

China might be behind a malicious campaign targeting Middle Eastern countries linked to BackdoorDiplomacy, an advanced persistent (APT) threat group. The post China May Be Behind the Latest Cyber Attack on Middle Eastern Telecoms appeared first on Heimdal Security Blog.

Cyber Attacks 79

Cyber Attacks Cybersecurity 79

Heimadal Security

NOVEMBER 18, 2021

An APT assault generally involves a group of highly competent hackers with very specific targets and a “slow and steady” approach to planning and executing their crimes. The post Microsoft Exchange and Fortinet Vulnerabilities Exploited by Iranian APT appeared first on Heimdal Security Blog. The term was […].

Hacking 84

Hacking Malware Cybersecurity 84

Heimadal Security

SEPTEMBER 22, 2021

Yesterday, cybersecurity researchers stated that the Russian Advanced Persistent Threat (APT) actor Turla has been developing and employing a new backdoor used to infect systems in Afghanistan, Germany, and the U.S. Who Is Turla?

Information Security 77

Information Security Cybersecurity 77

Heimadal Security

FEBRUARY 1, 2022

MuddyWater Advanced Persistent Threat (APT) is also known as Static Kitten, Seedworm, Mercury, and is famous for its attacks in the Middle East. Among the recent attacks carried out by the threat actor have been the exploitation of the ZeroLogon (CVE-2020-1472) […].

Telecommunications 84

Telecommunications Cryptocurrency Education Government 84

Heimadal Security

SEPTEMBER 24, 2021

According to them, the cyberespionage gang, dubbed FamousSparrow, is an Advanced Persistent Threat (APT) that has been operative since at least 2019. The APT is among those that targeted the ProxyLogon vulnerabilities […].

Government 82

Government Hacking Cybersecurity 82

Heimadal Security

NOVEMBER 10, 2021

The advanced persistent threat (APT) organization has previously been connected to attacks on Middle Eastern oil and gas businesses, but it now appears that its focus has shifted to the IT industry. The post Iranian State Hackers Are Attacking ISPs and Telcos appeared first on Heimdal Security Blog. What Happened?

Malware 92

Malware Cybersecurity 92

Security Affairs

MAY 25, 2022

An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks aimed at implanting a Remote Access Trojan (RAT) to gain full control over the infected systems. Experts attributed the attacks, with low confidence, to a China-linked APT group.

Government 112

Government Malware Phishing Hacking 112

Heimadal Security

AUGUST 30, 2021

A new modular backdoor called SideWalk was recently discovered as part of new malicious campaigns launched by an APT group dubbed as SparklingGoblin. An advanced persistent threat can be deployed by cyber-criminals that have a high level of expertise and important resources to infiltrate a network.

Malware 80

Malware Cybersecurity 80

Schneier on Security

FEBRUARY 3, 2021

Details are in the Microsoft blog: We have published our in-depth analysis of the Solorigate backdoor malware (also referred to as SUNBURST by FireEye), the compromised DLL that was deployed on networks as part of SolarWinds products, that allowed attackers to gain backdoor access to affected devices.

Computers and Electronics 346

Computers and Electronics Malware Software Government 346

CyberSecurity Insiders

MARCH 15, 2021

This blog was written by an independent guest blogger. The inescapable conclusion is that smart cars are now among the favorite targets of hackers and APT (Advanced Persistent Threat) actors. To those who pay attention to such things, it seems like a new vulnerability in smart car systems is found every week.

Cybersecurity 114

Cybersecurity Cyber threats 114

Security Affairs

APRIL 4, 2023

The threat actors created bespoke JavaScript payloads designed for each government targets’ webmail portal. Researchers have observed TA473, a newly minted advanced persistent threat (APT) actor tracked by Proofpoint, exploiting Zimbra vulnerability CVE-2022-27926 to abuse publicly facing Zimbra hosted webmail portals.

Phishing 95

Phishing Spyware Government Passwords 95

SecureWorld News

FEBRUARY 14, 2023

Cybersecurity firm Group-IB successfully defended against a targeted attack by the Chinese state-sponsored Tonto Team, one of the world's most advanced persistent threat (APT) actors. Bisonal.DoubleT is a unique tool developed by the Tonto Team APT." "The

Phishing 98

Phishing Cybersecurity Healthcare Threat Detection 98

The Last Watchdog

MAY 10, 2019

Related: Marriott suffers massive breach We now know, thanks to reporting from cybersecurity blogger Brian Krebs, that the Wipro hack was a multi-month intrusion and likely the work of a nation-state backed threat actor. From the attacker’s point of view, a deep, persistent incursion results in numerous benefits.

Digital transformation 173

Digital transformation System Administration Hacking Threat Detection 173

eSecurity Planet

SEPTEMBER 16, 2021

The investigators said the advanced threat actors used a mixture of known and unique malware tools in the attack – which they dubbed Operation Harvest – to compromise the victim’s IT environment, exfiltrate the data and evade detection. Chinese-Linked APT Groups Likely Suspects. Preventing Long-Term Attacks.

Malware 138

Malware Manufacturing Software Cyber Attacks 138

Malwarebytes

MAY 31, 2023

The US Cybersecurity and Infrastructure Security Agency (CISA) has an urgent message for US businesses: watch out for Volt Typhoon, a threat actor sponsored by the People’s Republic of China (PRC). Given their ties to the Chinese government, it’s fair to label Volt Typhoon as an Advanced Persistent Threat (APT) group.

Passwords 75

Passwords Government Firewall Accountability 75

Security Affairs

MAY 31, 2022

SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). ” states Kaspersky. To nominate, please visit:?

Encryption 98

Encryption Malware Phishing Hacking 98

Security Boulevard

MARCH 3, 2022

A history of cyberattacks Far before Russia launched its full-scale invasion of Ukraine, cybersecurity officials from the Ukrainian government already believed their nation had experienced multiple cyberattacks led by Russian Advanced Persistent Threat (APT) groups.

Ransomware 52

Ransomware Banking Government Cybersecurity 52

Malwarebytes

MAY 21, 2023

In this blog post, we'll be recapping the highlights and key takeaways from the webinar hosted by Marcin Kleczynski, CEO and co-founder of Malwarebytes, and featuring guest speaker Joseph Blankenship, Vice President and research director at Forrester. Looking at the ROI of MDR Cyber threat hunting for SMBs: How MDR can help

Cyber threats 74

Cyber threats Technology Ransomware Malware 74

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Experts speculate that the threat actors need to have physical access in order to deploy the implant into the victim’s machine. ” concludes the report. ” concludes the report.

Firmware 133

Firmware Spyware Surveillance Hacking 133

eSecurity Planet

DECEMBER 2, 2021

The advanced persistent threat (APT) groups are using a technique called rich text format (RTF) template injections, which is similar to a template injection tactic that exploits Microsoft Office files. Bad actors are using the new technique to leverage RTF text file attachments in phishing emails.

Malware 116

Malware Phishing Antivirus Cyber threats 116