Security Affairs

FEBRUARY 19, 2024

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia.

Government 126

Government Social Engineering Engineering Hacking 126

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Google’s TAG tracked the activity of around 40 CSVs focusing on the types of software they develop. ” reads the report published by Google. ” concludes Google.

Spyware 118

Spyware Surveillance Government Software 118

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” reads the report published by Google TAG.

Government 124

Government Surveillance Cybercrime Ransomware 124

Security Affairs

NOVEMBER 6, 2023

Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. The abuse of the Google service makes it hard for defenders to uncover malicious activity. ” Google TAG has previously observed threat actors abusing Google services in their operations.

Accountability 137

Accountability Hacking Information Security Malware 137

Security Affairs

OCTOBER 18, 2023

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. ” reported Google TAG.

Cybercrime 128

Cybercrime Malware Software Hacking 128

The Hacker News

NOVEMBER 16, 2023

Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News. The flaw, tracked as CVE-2023-37580 (CVSS score:

Software 115

Software Authentication 115

The Hacker News

SEPTEMBER 26, 2023

Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,

Government 109

Government 109

Security Affairs

MAY 3, 2022

China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG) reported that an APT group linked to China’s People’s Liberation Army Strategic Support Force (PLA SSF), tracked as Curious Gorge , is targeting Russian government agencies.

Manufacturing 122

Manufacturing Government Phishing Passwords 122

The Hacker News

NOVEMBER 28, 2023

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

107

107

Security Affairs

SEPTEMBER 8, 2023

The attacks that took place in the past weeks were detected by researchers at Google’s Threat Analysis Group (TAG). “Recently, TAG became aware of a new campaign likely from the same actors based on similarities with the previous campaign. ” reads the advisory published by Google TAG.

Cybersecurity 117

Cybersecurity Media Accountability Software 117

Security Affairs

JULY 27, 2023

Two weeks ago Zimbra urged customers to manually install updates to fix a zero-day vulnerability , now tracked as CVE-2023-38750 , that is actively exploited in attacks against Zimbra Collaboration Suite (ZCS) email servers. Google TAG researchers focus on identifying and countering advanced and persistent threats.

Hacking 97

Hacking Cyber threats Risk Information Security 97

Security Affairs

SEPTEMBER 22, 2023

Citizen Lab and Google’s TAG revealed that the three recently patched Apple zero-days were used to install Cytrox Predator spyware. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.” Apple fixed the flaw with improved checks.

Spyware 115

Spyware Surveillance Mobile Hacking 115

The Hacker News

AUGUST 9, 2023

Cybersecurity firm Recorded Future attributed the intrusion set to a nation-state group it tracks under the name RedHotel (previously Threat Activity Group-22 or TAG-22), which overlaps with a cluster of activity broadly

Cybersecurity 91

Cybersecurity 91

Schneier on Security

FEBRUARY 20, 2023

Tile has an interesting security solution to make its tracking tags harder to use for stalking: The Anti-Theft Mode feature will make the devices invisible to Scan and Secure, the company’s in-app feature that lets you know if any nearby Tiles are following you.

Surveillance 196

Surveillance Government 196

Security Boulevard

FEBRUARY 8, 2023

We overhauled how you interact with operation logs and added support for tagging clients, projects, reports, findings, evidence files, domains, servers, operation logs, and log entries. Tagging Tags will help you organize and customize your projects. Tags are comma-separated and appear as grey badges in the interface.

Social Engineering 85

Social Engineering Technology Engineering Cybersecurity 85

Security Affairs

JUNE 19, 2022

In middle June, the Wordfence Threat Intelligence team noticed a back-ported security update in the popular WordPress plugin Ninja Forms, which has over one million active installations. The researchers believe that this vulnerability is being actively exploited in the wild, it has been rated with a CVSS score of 9.8.

Hacking 126

Hacking Cybersecurity Information Security 126

The Hacker News

JANUARY 18, 2024

Google's Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are

Malware 80

Malware Phishing 80

Security Affairs

DECEMBER 28, 2023

The actual damage resulting from this activity could potentially amount to millions of dollars. Even as the New Year approached and the world celebrated the festive Christmas season, the cybercriminal community did not pause their activities. Over 50 million records containing PII of consumers from around the world have been leaked.

Identity Theft 143

Identity Theft Data breaches Government Hacking 143

The Hacker News

DECEMBER 7, 2023

The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. It's also called Blue Callisto, BlueCharlie (or TAG-53),

79

79

Security Affairs

APRIL 20, 2023

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG).

Phishing 97

Phishing Education Accountability Telecommunications 97

Security Affairs

SEPTEMBER 8, 2022

Researchers from Google’s Threat Analysis Group (TAG) reported that some former members of the Conti cybercrime group were involved in five different campaigns targeting Ukraine between April and August 2022. The activities overlap with operations attributed to a group tracked by CERT-UA as UAC-0098 [ 1 , 2 , 3 ]. .

Ransomware 136

Ransomware Cybercrime Government Media 136

Security Affairs

DECEMBER 12, 2023

Apple rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. Apple this week rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. The company released iOS 17.2 and iPadOS 17.2 The company released iOS 16.7.3

Surveillance 119

Surveillance Hacking Information Security 119

The Hacker News

APRIL 19, 2023

Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on April 12, 2023. "

107

107

The Hacker News

JUNE 6, 2023

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on June 1, 2023.

Engineering 99

Engineering 99

The Hacker News

JANUARY 26, 2023

Google on Thursday disclosed it took steps to dismantle over 50,000 instances of activity orchestrated by a pro-Chinese influence operation known as DRAGONBRIDGE in 2022. However, a

91

91

The Hacker News

APRIL 14, 2023

Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Clement Lecigne of Google's Threat Analysis Group (TAG) has been

Engineering 99

Engineering 99

Security Affairs

MARCH 8, 2022

Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukrainian and European government and military organizations, as well as individuals. ” concludes the report.

DDOS 103

DDOS Phishing Government Hacking 103

Bleeping Computer

APRIL 20, 2022

Microsoft Defender for Endpoint has been tagging Google Chrome updates delivered via Google Update as suspicious activity due to a false positive issue. [.].

99

99

The Hacker News

APRIL 19, 2023

Google's Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the "group's 2022 focus

Phishing 85

Phishing 85

Malwarebytes

JANUARY 22, 2024

Researchers at Google’s Threat Analysis Group (TAG) have published their findings about a group they have dubbed Coldriver. Their activities are aligned with those of the Russian government, so it’s pretty safe to say that Coldriver is a state-sponsored group. TAG has created a YARA rule that cab help find the Spica backdoor.

Social Engineering 94

Social Engineering Government Media DNS 94

Security Affairs

OCTOBER 25, 2023

The Winter Vivern group was first analyzed in 2021, it has been active since at least 2020 and it targets governments in Europe and Central Asia. The analysis of the email HTML source code revealed the presence of a SVG tag at the end, which contains a base64-encoded payload. The messages were sent from team.managment@outlook[.]com

Software 120

Software Government Phishing Internet 120

The Hacker News

DECEMBER 2, 2022

Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022.

Engineering 95

Engineering 95

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 104

Spyware Surveillance Risk Internet 104

The Hacker News

DECEMBER 7, 2022

Recorded Future attributed the new infrastructure to a threat activity group it tracks under the name TAG-53, and is broadly known by the cybersecurity community as Blue Callisto, based military weapons and hardware supplier.

Hacking 91

Hacking Cybersecurity 91

Security Affairs

DECEMBER 8, 2022

North Korea-linked APT37 group (aka ScarCruft , Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128 , in attacks aimed at South Korean users. ” reads the post published by TAG. Google TAG shared indicators of compromise (IOCs) for this campaign. CVE-2017-0199 ).

Internet 99

Internet Internet Engineering Malware 99

Security Affairs

OCTOBER 4, 2023

Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6.” “A local attacker may be able to elevate their privileges.

Hacking 120

Hacking Mobile Information Security 120

Malwarebytes

DECEMBER 12, 2023

Apple has issued emergency updates that include patches for older iOS devices concerning the two actively used zero-day vulnerabilities that were patched last week in newer devices. But both vulnerabilities were credited to Clément Lecigne of Google’s Threat Analysis Group (TAG). Updates are available for: Safari 17.2

Spyware 81

Spyware Risk Cybersecurity 81