18 matches found
AI & Humans: Making the Relationship Work
Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious...
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...
Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-comprise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla...
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...
New DownEx Malware Campaign Targets Foreign Government Institutions in Central Asia
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The DownEx malware was discovered in a cyberattack on government institutions in Kazakhstan and Afghanistan in 2022, likely with state sponsorship. The attackers used spear-phishing emails to infiltrate...
Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks
Government and state-owned organizations in a number of Asian countries have been targeted by a distinct group of espionage hackers as part of an intelligence gathering mission that has been underway since early 2021. "A notable feature of these attacks is that the attackers leveraged a wide rang...
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational...
Molerats Hackers Return With New Attacks Targeting Middle Eastern Governments
A Middle Eastern advanced persistent threat APT group has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government entities associated with geopolitics in the region in a rash of new campaigns observed earlier this month. Sunnyvale-based...
Nobelium Phishing Campaign Poses as USAID
The cybercriminal group behind the notorious SolarWinds attack is at it again with a sophisticated mass email campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious activities. Microsoft Threat Intelligence Center MSTIC...
Nation-State Hackers Caught Hiding Espionage Activities Behind Crypto Miners
A nation-state actor known for its cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems, according to new research. Attributing the shift to a threat actor tracked as Bismuth, Microsoft's Microsoft 365 Defender...
Bug Bounty FAQ: Top Questions, Expert Answers
Seldom does Threatpost have the privilege to tap the collective brain trust of one cybersecurity corner of the threat landscape. But last month, Threatpost brought together leading voices in the bug bounty community to participate in a webinar Five Essentials for Running a Successful Bug Bounty...
Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions
An infamous business email compromise BEC gang has submitted hundreds of fraudulent claims with state-level U.S. unemployment websites and coronavirus relief funds. Researchers who tracked the fraudulent activity said cybercriminals may have made millions so far from the fraudulent activity. Behi...
The Mask Malware: A 7-Year Cyber Espionage Campaign Unmasked
A sophisticated cyber spying operation, The Mask , that has been under the radar for about 7 years and targeted approximately 31 countries, has now been unmasked by researchers at Kaspersky Labs. Researchers believe the campaign has been active since 2007 and is a highly sophisticated nation-stat...
iGENUS5. 0 E-mail system of some vulnerability package injection and landing, etc-vulnerability warning-the black bar safety net
When nothing download a iGENUS5. 0 look at the watch, time is tight, only to see a probably. A large number of government, schools, scientific research institutions, large companies in the use of this system. Be the first to say I use the version and environment: ! 1 ! 2 ! 3 The entire program, n...
AntiSec Crew Attacks FBI Contractor IRC Federal
Members of the loosely organized group conducting the AntiSec hacking campaign have compromised a company called IRC Federal, which does contracting for the FBI and other federal agencies, posting a large trove of information online in retaliation for what the group says is IRC Federal’s record o...
Education, Goverment Sites Still Serving Scammers Months Later
Back in January, Threatpost covered a story originally reported by Julien Sobrier of Zsacaler. Sobrier discovered that the websites of a number of prominent American universities and government institutions had been hijacked and were redirecting fake online stores. As it turns out, some of the...
Germany to create cyber defense center !
Germany is planning the creation of a national cyber defense center in 2011 in reaction to a growing number of cyber attacks on government institutions that mostly originate in China. An interior ministry spokesman said Monday that while in 2009 the government registered only 900 attacks, there...
Saint Corporation Cross Site Scripting / HTML Injection
SAINT Corporation XSS Defacement Vulnerability Management, Assessment, Penetration Testing SAINT Corporation provides network security tools to financial, government and educational institutions around the world SAINT customers. The SAINT® vulnerability assessment tools are recognized as industry...