
52 matches found

HackRead
added 2026/04/23 4:42 p.m., 10 views

Harvester APT Expands Spying Operations with New GoGra Linux Malware

New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control...

AI score 5.8, Exploits 0

The Hacker News
added 2026/04/22 3:28 p.m., 12 views

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. "The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing...

AI score 5.8, Exploits 0

Securelist
added 2026/04/15 12:30 p.m., 12 views

Threat landscape for industrial automation systems in Q4 2025

Statistics across all threats The percentage of ICS computers on which malicious objects were blocked has been decreasing since the beginning of 2024. In Q4 2025, it was 19.7%. Over the past three years, the percentage has decreased by 1.36 times, and by 1.25 times since Q4 2023. Percentage of IC...

AI score 5.8, Exploits 0

The Hacker News
added 2026/01/21 5:17 p.m., 8 views

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence (AI), cryptocurrency, financial services, IT services, marketing, and software...

AI score 6.1, Exploits 0

Talos Blog
added 2026/01/08 11:00 a.m., 13 views

UAT-7290 targets high value telecommunications infrastructure in South Asia

Cisco Talos is disclosing a sophisticated threat actor we track as UAT-7290, who has been active since at least 2022. UAT-7290 is tasked with gaining initial access as well as conducting espionage focused intrusions against critical infrastructure entities in South Asia. UAT-7290's arsenal includ...

AI score 7.9, Exploits 0

The Hacker News
added 2025/10/28 4:01 a.m., 5 views

SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity "reveals a notable evolution in...

AI score 6.5, Exploits 0

Talos Blog
added 2025/09/23 6:00 p.m., 9 views

How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking

Cisco Talos discovered a new campaign active since 2022, targeting the telecommunications and manufacturing sectors in Central and South Asian countries, delivering a new variant of PlugX. Talos discovered that the new variant's features overlap with both the RainyDay and Turian backdoors,...

AI score 7.5, Exploits 0

The Hacker News
added 2025/06/05 1:53 p.m., 22 views

Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands

The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysi...

AI score 8.5, Exploits 0

The Hacker News
added 2025/05/20 10:57 a.m., 40 views

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. "The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries...

CVSS 7.8, AI score 8.2, EPSS 0.99945, Exploits 62

The Hacker News
added 2025/03/11 7:00 a.m., 35 views

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa

Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates,...

CVSS 7.8, AI score 8, EPSS 0.99945, Exploits 33

The Hacker News
added 2025/02/13 11:58 a.m., 23 views

RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an...

CVSS 5.9, AI score 9, EPSS 0.99698, Exploits 42

Securelist
added 2024/12/27 10:00 a.m., 16 views

Threat landscape for industrial automation systems in Q3 2024

Statistics across all threats In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp to 22% when compared to the previous quarter. Percentage of ICS computers on which malicious objects were blocked, by quarter, 2022–2024 Compared...

AI score 7.3, Exploits 0

Securelist
added 2024/10/15 10:00 a.m., 93 views

Beyond the Surface: the evolution and expansion of the SideWinder APT group

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. Over the years, the group has launched attacks against high-profile entities in South and Southeast Asia. Its primary targets have been...

CVSS 7.8, AI score 8.4, EPSS 0.99945, Exploits 33

The Hacker News
added 2024/08/07 10:41 a.m., 20 views

New Go-based Backdoor GoGra Targets South Asian Media Organization

An unnamed media organization in South Asia was targeted in November 2023 using a previously undocumented Go-based backdoor called GoGra. "GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services," Symantec, part ...

AI score 7.3, Exploits 0

The Hacker News
added 2024/04/15 9:04 a.m., 22 views

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed 'FWarehouse,' boasts a modular framework with extensive spying features,"...

AI score 7.5, Exploits 0

hivepro
added 2023/09/25 6:37 a.m., 29 views

Sandman APT Strikes the Telecom Sector with the LuaDream Backdoor

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Sandman APT, an espionage group of unknown origins that surfaced mysteriously in August, is orchestrating a sophisticated campaign aimed squarely at telecommunications providers spanning the Middle East,...

AI score 6.9, Exploits 0

The Hacker News
added 2023/08/01 11:11 a.m., 27 views

European Bank Customers Targeted in SpyNote Android Trojan Campaign

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a...

AI score 7.3, Exploits 0

hivepro
added 2023/05/24 1:25 p.m., 20 views

Unveiling the Stealthy Operations of GoldenJackal APT Group

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary GoldenJackal is an APT group targeting government and diplomatic entities in the Middle East and South Asia. Their advanced capabilities include a range of .NET malware tools for gaining control, stealing...

AI score 6.9, Exploits 0

The Hacker News
added 2023/05/23 3:30 p.m., 126 views

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable...

CVSS 9.3, AI score 7.5, EPSS 0.99374, Exploits 62

The Hacker News
added 2023/05/23 3:30 p.m., 7 views

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable...

CVSS 9.3, AI score 7.3, EPSS 0.99374, Exploits 62