MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to a report from...
EUVD-2006-1770
Malware in sbrugna...
Meta Disrupts Influence Ops Targeting Romania, Azerbaijan, and Taiwan with Fake Personas
Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. "We detected and removed these campaigns before they were able to build authentic audiences on our apps," the social media giant said in its...
New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data
A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim to steal sensitive data. The attack campaign, detected by NSFOCUS on July 1, 2024, leveraged spear-phishing emails to single out Azerbaijani and Israeli diplomats. The activity ...
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
Cisco Talos assesses with high confidence that YoroTrooper, an espionage-focused threat actor first active in June 2022, likely consists of individuals from Kazakhstan based on their use of Kazakh currency and fluency in Kazakh and Russian. The actor also appears to have a defensive interest in t...
Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign
Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor...
Rust Implant Used in New Malware Campaign Against Azerbaijan
By Waqas. Key findings: Organizations should take steps to protect themselves from this campaign by keeping software up to date,… This is a post from HackRead.com.
GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat actor named GoldenJackal. Russian cybersecurity firm Kaspersky, which has been keeping tabs on the group's activities since mid-2020, characterized the adversary as both capable...
Armenian Entities Hit by New Version of OxtaRAT Spying Tool
Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and...
Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine
Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia's military intelligence service, with the goal of neutralizing its attacks on Ukraine. "We have since re-directed these domains to a sinkhole...
Aurora campaign: Attacking Azerbaijan using multiple RATs
This post was authored by Hossein Jazi. As tensions between Azerbaijan and Armenia continue, we are still seeing a number of cyber attacks taking advantage of this situation. On March 5th 2021, we reported an actor that used steganography to drop a new .Net Remote Administration Trojan. Since that...
New steganography attack targets Azerbaijan
This blog post was authored by Hossein Jazi. Threat actors often vary their techniques to thwart security defenses and increase the efficiency of their attacks. One of the tricks they use is known as steganography and consists of hiding content within images. We recently observed a malicious Word...
Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware
A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to their advantage. Linking the operation to a...
PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
A new iteration of the PoetRAT spyware, sporting improvements to operational security, code efficiency and obfuscation, is making the rounds in Azerbaijan, targeting the public sector and other key organizations as the country’s conflict with Armenia over disputed territory intensifies. Threat...
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
By Warren Mercer, Paul Rascagneres and Vitor Ventura. The Azerbaijan public sector and other important organizations are still targeted by new versions of PoetRAT. This actor leverages malicious Microsoft Word documents alleged to be from the Azerbaijan government. The attacker has moved from Pytho...
PoetRAT: Python RAT uses COVID-19 lures to target Azerbaijan public and private sectors
By Warren Mercer, Paul Rascagneres and Vitor Ventura. News summary: Azerbaijan government and energy sector likely targeted by an unknown actor. From the energy sector, the actor demonstrates interest in SCADA systems related to wind turbines. The actor uses Word documents to drop malware that allows...
COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware
A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word...
May 2016 DST update for Azerbaijan, Chile, Haiti, and Morocco in Windows
This article describes an update of daylight saving time (DST) settings for Azerbaijan, Chile, Haiti, and Morocco in 2016. Before you install this update, see the Prerequisites section. This update applies to the following...