Lucene search
K

8 matches found

Microsoft Secure
Microsoft Secure
added 2026/05/14 3:0 p.m.16 views

Kazuar: Anatomy of a nation-state botnet

In this article 1. Delivery 2. Module types 3. Botnet operations 4. Who is Secret Blizzard? 5. Mitigation and protection guidance 6. Microsoft Defender detections Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...

6.1AI score
Exploits0
Trellix
Trellix
added 2025/10/22 12:0 a.m.11 views

SideWinder's Shifting Sands: Click Once for Espionage

SideWinder's Shifting Sands: Click Once for Espionage By Ernesto Fernández Provecho and Pham Duy Phuc · October 22, 2025 In September 2025, the Trellix Advanced Research Center ARC detected a campaign targeting a European embassy located in New Delhi, India. Further investigation led to the...

9.3CVSS8.5AI score0.99933EPSS
Exploits29
The Hacker News
The Hacker News
added 2025/09/03 10:30 a.m.6 views

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

An Iran-nexus group has been linked to a "coordinated" and "multi-wave" spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world. The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to...

7.3AI score
Exploits0
Trellix
Trellix
added 2025/08/18 12:0 a.m.12 views

The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign

The Coordinated Embassy Hunt: Unmasking the DPRK-linked GitHub C2 Espionage Campaign By Pham Duy Phuc and Alex Lanstein · August 18, 2025 The Trellix Advanced Research Center uncovered a sophisticated espionage operation targeting diplomatic missions across several regions in South Korea during...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/03 1:25 p.m.13 views

Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX

A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/02/15 10:58 a.m.12 views

New China-based Group Expands Operations to Compromise Diplomatic Targets in South America

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The China-based cyber espionage group DEV-0147 has expanded its data exfiltration operations to include diplomatic targets in South America, in addition to targeting government agencies and think tanks in...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/05/26 3:28 p.m.46 views

Turla APT Revamps One of Its Go-To Spy Tools

The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan RAT to attack governmental targets. Turla a.k.a. Snake, Venomous Bear, Waterbug or Uroboros, is a Russian-speaking threat actor known since 2014, but with roots that go back to 2004 and earlier,...

7.9AI score
Exploits0References6
The Hacker News
The Hacker News
added 2020/05/15 9:43 a.m.8 views

HTTP Status Codes Command This Malware How to Control Hacked Systems

A new version of COMpfun remote access trojan RAT has been discovered in the wild that uses HTTP status codes to control compromised systems targeted in a recent campaign against diplomatic entities in Europe. The cyberespionage malware—traced to Turla APT with "medium-to-low level of confidence"...

5.8AI score
Exploits0
Rows per page
Query Builder