Lucene search
K

119 matches found

hivepro
hivepro
added 2022/06/24 11:44 a.m.25 views

APT28 exploits Follina to deploy CredoMap

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux...

1.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/22 12:51 p.m.147 views

Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine

The Computer Emergency Response Team of Ukraine CERT-UA has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28 aka Fancy Bea...

9.3CVSS0.4AI score0.99374EPSS
Exploits62
Malwarebytes
Malwarebytes
added 2022/06/21 3:25 p.m.504 views

Russia’s APT28 uses fear of nuclear war to spread Follina docs in Ukraine

This blog post was authored by Hossein Jazi and Roberto Santos. In a recent campaign, APT28, an advanced persistent threat actor linked with Russian intelligence, set its sights on Ukraine, targeting users with malware that steals credentials stored in browsers. APT28 also known as Sofacy and Fan...

9.3CVSS0.4AI score0.99374EPSS
Exploits62
The Hacker News
The Hacker News
added 2022/05/09 8:55 a.m.42 views

Ukrainian CERT Warns Citizens of a New Wave of Attacks Distributing Jester Malware

The Computer Emergency Response Team of Ukraine CERT-UA has warned of phishing attacks that deploy an information-stealing malware called Jester Stealer on compromised systems. The mass email campaign carries the subject line "chemical attack" and contains a link to a macro-laced Microsoft Excel...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/09 12:0 a.m.235 views

APT28 FancyBear Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/d6751b148461e0f863548be84020b879.txt Contact: [email protected] Media: twitter.com/malvuln Threat: APT28 FancyBear Vulnerability: Code Execution Description: FancyBear looks for and execute...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/04 8:34 a.m.33 views

Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted. "Government-backed actors from China, Iran, North Korea and Russia, as well as various...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2022/04/11 5:26 p.m.81 views

Microsoft Takedown Domains Used in Cyberattack Against Ukraine

Microsoft seized seven domains it claims were part of ongoing cyberattacks by what it said are state-sponsored Russian advanced persistent threat actors that targeted Ukrainian-related digital assets. The company obtained court orders to take control of the domains it said were used by Strontium,...

8.6AI score
Exploits0References5
The Hacker News
The Hacker News
added 2022/04/08 7:4 a.m.30 views

Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine

Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia's military intelligence service, with the goal of neutralizing its attacks on Ukraine. "We have since re-directed these domains to a sinkhole...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/01/25 2:4 p.m.96 views

Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

Cybersecurity researchers on Tuesday took the wraps off a multi-stage espionage campaign targeting high-ranking government officials overseeing national security policy and individuals in the defense industry in Western Asia. The attack is unique as it leverages Microsoft OneDrive as a...

8.8CVSS0.2AI score0.96843EPSS
Exploits38
Trellix
Trellix
added 2022/01/25 12:0 a.m.52 views

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...

0.4AI score0.96843EPSS
Exploits38
Trellix
Trellix
added 2022/01/25 12:0 a.m.70 views

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...

8.8CVSS9.5AI score0.96843EPSS
Exploits38
The Hacker News
The Hacker News
added 2021/11/29 10:56 a.m.17 views

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency

Threat actors are exploiting improperly-secured Google Cloud Platform GCP instances to download cryptocurrency mining software to the compromised systems as well as abusing its infrastructure to install ransomware, stage phishing campaigns, and even generate traffic to YouTube videos for view cou...

6.7AI score
Exploits0
Securelist
Securelist
added 2021/11/17 10:0 a.m.27 views

Advanced threat predictions for 2022

Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing nature, there is a lot we can learn from recent APT trends to predict what might lie ahead in the coming year. Based on the collective knowledge and insights of our experts, w...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/10/14 4:30 p.m.26 views

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google's Threat Analysis Group TAG on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33%...

0.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/10/11 11:53 a.m.30 views

Google warns some users that FancyBear’s been prowling around

APT28, also known as FancyBear, is at the heart of another targeted campaign. This time, it’s sniffing around users of Google services. Some 14,000 people have been notified about a spear phish attempt looking to compromise accounts and access their files. When did this happen? Sometime late...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/07/26 10:9 p.m.201 views

IoT Piranhas Are Swarming Industrial Controls

Full transparency: Curtis Simpson, CISO at Armis, the enterprise IoT security company, was fundamentally a black hat at the age of 12, before he even knew what a black hat was. One day he got flooded over IRC and was fascinated: What just happened? And how did it happen? He’s since spent the vast...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/07/26 3:0 p.m.178 views

Malware Makers Using ‘Exotic’ Programming Languages

Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found. Use of those four languages is escalating in the number of malware families being identified, according to a...

8AI score
Exploits0References22
ThreatPost
ThreatPost
added 2021/07/02 4:14 p.m.485 views

Kubernetes Used in Brute-Force Attacks Tied to Russia’s APT28

U.S. and U.K. authorities are warning that the APT28 advanced-threat actor APT – a.k.a. Fancy Bear or Strontium, among other names – has been using a Kubernetes cluster in a widespread campaign of brute-force password-spraying attacks against hundreds of government and private sector targets...

9CVSS9.7AI score0.99965EPSS
Exploits34References21
The Hacker News
The Hacker News
added 2021/07/02 6:23 a.m.47344 views

NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency NSA, Cybersecurity and...

9CVSS1.1AI score0.99965EPSS
Exploits34
Malwarebytes
Malwarebytes
added 2021/02/24 4:6 p.m.32 views

LazyScripter: From Empire to double RAT

Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth...

0.6AI score
Exploits0
Rows per page
Query Builder