Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2023/09/26 9:49 a.m.362 views

Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign

A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/28 6:44 a.m.2 views

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. "Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execu...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/28 6:44 a.m.52 views

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. "Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execu...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/13 7:58 a.m.2 views

Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails

The advanced persistent threat APT actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's als...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/13 7:58 a.m.48 views

Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails

The advanced persistent threat APT actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's als...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/14 2:38 p.m.30 views

China’s Tonto Team increases espionage activities against Russia

According to analyses of several cybersecurity firms and CERT Computer Emergency Response Team Ukraine CERT-UA, the state-sponsored threat actor group Tonto Team, which has been linked to China-backed cyber operations, is ramping up its spying campaign against Russian government agencies. The...

0.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/13 8:23 p.m.48 views

CactusPete APT Hones Toolset, Resurfaces with New Espionage Targets

The China-based APT known as CactusPete has returned with a new campaign aimed at military and financial targets in Eastern Europe, which is a new geography for the group’s victimology, according to researchers. The group also used a fresh variant of the Bisonal backdoor, which allows the attacke...

7.7AI score
Exploits0References5
Securelist
Securelist
added 2020/08/13 10:0 a.m.589 views

CactusPete APT group’s updated Bisonal backdoor

CactusPete also known as Karma Panda or Tonto Team is an APT group that has been publicly known since at least 2013. Some of the groups activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this groups activity for years as...

7.6CVSS0.87814EPSS
Exploits9
Talos Blog
Talos Blog
added 2020/03/10 6:0 a.m.110 views

Bisonal: 10 years of play

By Warren Mercer, Paul Rascagneres and Vitor Ventura. Update 06/03/20: added samples from 2020. Executive summary Security researchers detected and exposed the Bisonal malware over the past 10 years. But the Tonto team, the threat actor behind it, didn't stop.The victimology didn't change over...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/03/05 11:0 a.m.36 views

Threat Source newsletter (March 5, 2020)

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Sure, all anyone wants to talk about is coronavirus. But what about cyber security? We’ve still got cool stuff, like this huge write-up ...

1AI score
Exploits0
Rows per page
Query Builder