
State-Sponsored Cybercrime Group's Infrastructure Revealed

Heimdal Security

Researchers have uncovered previously unknown attack infrastructure used by Pakistani and Chinese entities operated by the state-sponsored group SideWinder. SideWinder has been active since at least 2012, using spear-phishing attacks to gain access to targeted environments.

APT trends report Q1 2022

SecureList

On March 1, ESET published a blog post related to wipers used in Ukraine and to the ongoing conflict: in addition to HermeticWiper, this post introduced IsaacWiper, used to target specific machines previously compromised with another remote administration tool named RemCom, commonly used by attackers for lateral movement within compromised networks.


APT trends report Q1 2021

SecureList

The company’s Orion IT, a solution for monitoring and managing customers’ IT infrastructure, was compromised. Kaspersky telemetry revealed a spike in exploitation attempts for these vulnerabilities following the public disclosure and patch from Microsoft. webshells and Exaramel implants.
