Lucene search
K

12 matches found

HackRead
HackRead
added 2026/04/13 3:20 p.m.9 views

BITTER APT Uses Signal, Google, and Zoom Lures to Spread ProSpy Spyware

BITTER APT spreads ProSpy and ToSpy via Signal, Google, and Zoom lures, targeting journalists through LinkedIn and iMessage spearphishing...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/05 1:53 p.m.22 views

Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands

The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysi...

8.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/17 11:7 a.m.7 views

Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware

A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. "The attack chain used alternate data streams in a RAR archive to deliver a shortcut LNK file that...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/08 7:0 a.m.47 views

Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first set of activities is what the company described as "persistent and well-resourced" and undertak...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/06 9:51 a.m.77 views

Bitter APT Hackers Continue to Target Bangladesh Military Entities

Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Through malicious document files and intermediate malware stages the threat actors conduct espionage by deploying Remote Access Trojans,"...

9.3CVSS0.3AI score0.95121EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/05/11 12:37 p.m.527 views

Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia

An espionage-focused threat actor known for targeting China, Pakistan, and Saudi Arabia has expanded to set its sights on Bangladeshi government organizations as part of an ongoing campaign that commenced in August 2021. Cybersecurity firm Cisco Talos attributed the activity with moderate...

9.3CVSS1.9AI score0.99945EPSS
Exploits57
Talos Blog
Talos Blog
added 2022/05/11 5:0 a.m.18 views

Bitter APT adds Bangladesh to their targets

Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers' usual victims.As part of this, there's a new trojan based on Apost Talos is calling "ZxxZ," that, among other... This is only...

1.9AI score
Exploits0
Securelist
Securelist
added 2021/08/12 10:0 a.m.615 views

IT threat evolution Q2 2021

Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous "DLL side-loading triad": a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload,...

9.3CVSS0.99999EPSS
Exploits84
Securelist
Securelist
added 2021/04/13 5:35 p.m.16247 views

Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild

While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group, we discovered another zero-day exploit we believe is linked to the same actor. We reported this new exploit to Microsoft in February and after...

7.2CVSS8.9AI score0.78376EPSS
Exploits21
ATTACKERKB
ATTACKERKB
added 2021/04/13 12:0 a.m.340 views

CVE-2021-28310

Win32k Elevation of Privilege Vulnerability Recent assessments: ccondon-r7 at April 13, 2021 8:41pm UTC reported: Ah, another day, another Win32k privilege escalation used in the wild. Securelist has a good write-up on this bug, which they discovered because it was used in a BITTER APT zero-day...

7.8CVSS8.3AI score0.78376EPSS
In wildExploits21References3
seebug.org
seebug.org
added 2021/03/26 12:0 a.m.216 views

Microsoft Windows本地提权漏洞(CVE-2021-1732)

CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds Mar 25, 2021 • iamelli0t CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year123. This vulnerability exploits a user mode callback opportunity i...

4.6CVSS0.78376EPSS
Exploits21
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.2 views

PT-2021-2075

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Windows 10 versions prior to February 2021 Description A memory buffer overflow and type confusion issue exists in the Win32k component of the Windows kernel. During the execution of the...

7.8CVSS7.8AI score0.78376EPSS
Exploits21References74
Rows per page
Query Builder