Lucene search
+L

6 matches found

hivepro
hivepro
added 2024/02/19 8:8 a.m.13 views

Turla Expands Their Arsenal with Next-Generation Malwares

Summary: In December 2023, a new backdoor dubbed TinyTurla-NG was deployed by the Russia-affiliated threat actor Turla as part of a three-month campaign targeting Polish non-governmental organizations NGOs. The threat actor utilized malicious PowerShell scripts hosted on various websites,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/25 10:25 a.m.43 views

Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats

The North Korean nation-state group Kimusky has been linked to a new set of malicious activities directed against political and diplomatic entities located in its southern counterpart since early 2022. Russian cybersecurity firm Kaspersky codenamed the cluster GoldDragon, with the infection chain...

0.8AI score
Exploits0
Securelist
Securelist
added 2022/08/25 1:0 a.m.23 views

Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky also known as Thallium, Black Banshee and Velvet Chollima is a prolific and active threat actor primarily targeting Korea-related entities. Like other sophisticated adversaries, this group also updates its tools very quickly. In early 2022, we observed this group was attacking the media a...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/09 11:25 a.m.50 views

Iranian Hackers Using New Marlin Backdoor in 'Out to Sea' Espionage Campaign

An advanced persistent threat APT group with ties to Iran has refreshed its malware toolset to include a new backdoor dubbed Marlin as part of a long-running espionage campaign that started in April 2018. Slovak cybersecurity company ESET attributed the attacks — codenamed "Out to Sea" — to a...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2021/08/19 8:19 p.m.113 views

InkySquid State Actor Exploiting Known IE Bugs

The InkySquid advanced persistent threat APT group, which researchers have linked to the North Korean government, was caught launching watering hole attacks against a South Korean newspaper using known Internet Explorer vulnerabilities. New analysis from Volexity reported its team of researchers...

8.8CVSS8.9AI score0.80667EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2020/11/05 7:33 p.m.33 views

North Korean Hackers Used 'Torisma' Spyware in Job Offers-based Attacks

A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to...

0.5AI score
Exploits0
Rows per page
Query Builder