3711 matches found
CVE-2023-28219
| creationtimestamp | type | source |
|---|---|---|
| 2023-04-12 00:23:39+00:00 | seen | https://t.me/cibsecurity/61924 |
| 2023-04-12 14:53:28+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1005... |
Ukrainian Hackers Breach Email of APT28 Leader, Who’s Wanted by FBI
By Waqas. APT28, or Fancy Bear, is a Russian government-backed nefarious hacking group known for using spear-phishing campaigns against its targets. This is a post from HackRead.com. Read the original post: Ukrainian Hackers Breach Email of APT28 Leader, Who’s Wanted by FBI...
Meet Anthalon, fighting for freedom of the press
By Owais Sultan. In today’s world, censorship and suppression of free speech are rampant in many parts of the globe. Governments… This is a post from HackRead.com. Read the original post: Meet Anthalon, fighting for freedom of the press...
MERCURY and DEV-1084: Destructive attack on hybrid environment
April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. MERCURY is now tracked as Mango Sandstorm and DEV-1084 is now tracked as Storm-1084. To learn more about how the new taxonomy represents the origin, unique traits,...
FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Operation
A joint international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which...
Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google's Threat Analysis Group (TAG) is tracking the cluster under the name ARCHIPELAGO, which it...
Winter Vivern APT targets EU with Zimbra flaw
Attack Report. Summary: Winter Vivern abuses CVE-2022-27926 to attack public Zimbra webmail portals of government entities. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...
Unraveling North Korea’s Cyber Espionage Group APT43 Targeting Geopolitical Interests
Actor Report. Summary: APT43 is a cyber espionage group that serves North Korean regime interests by targeting government organizations, academics, and think tanks focused on Korean peninsula geopolitical issues, mainly in Sout...
Big changes to Twitter verification: How to spot a verified account
Twitter has made some fairly major changes to how its verified checkmark status works, and it's already causing some confusion. If you rely on the checkmark symbol for confirmation that the individual or business tweeting is actually the real deal, your regular process is now different. How...
Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals tha...
Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...
Donot APT Group Targets Government and Military Orgs in South Asia
Actor Report. Summary: The Donot group, also known as APT-Q-38, is a state-sponsored threat actor believed to operate out of a South Asian country. They primarily engage in network espionage activities targeting government...
North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang's geopolitical interests since 2018. Google-owned Mandiant, which is tracking the activity cluster under the moniker APT43, said th...
President Biden Signs Executive Order Restricting Use of Commercial Spyware
U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper...
CISA to Start Issuing Early-Stage Ransomware Alerts
By Deeba Ahmed. According to CISA, this new initiative will be helpful for organizations/institutions in the public health, education, and government sectors. This is a post from HackRead.com. Read the original post: CISA to Start Issuing Early-Stage Ransomware Alerts...
Juiker Information Disclosure Vulnerability
Juiker is an instant messaging software for government and enterprise organizations from Juiker. An information disclosure vulnerability exists in Juiker version 4.6.0607.1, which originates from storing debug logs containing sensitive information to removable external storage. An attacker could...
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN...