Lucene search
+L

6 matches found

talosblog
talosblog
added 2026/05/05 10:0 a.m.13 views

UAT-8302 and its box full of malware

Cisco Talos is disclosing UAT-8302, a sophisticated, China-nexus advanced persistent threat APT group targeting government entities in South America since at least late 2024 and government agencies in southeastern Europe in 2025. After successful compromises, UAT-8302 deploys multiple custom-made...

8.8CVSS7.4AI score0.28261EPSS
Exploits0
securelist
securelist
added 2024/11/29 10:0 a.m.26 views

IT threat evolution Q3 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations...

8.2AI score0.97798EPSS
Exploits49
securelist
securelist
added 2024/08/14 12:0 p.m.16 views

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

In late July 2024, we detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government organizations and IT companies. The threat actors infected devices using phishing emails with malicious shortcut attachments. These shortcuts were used to deliver malware that...

7.5AI score
Exploits0
thn
thn
added 2024/08/12 3:43 a.m.26 views

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and trojans as part of a spear-phishing campaign codenamed EastWind. The attack chains are characterized by the use of RAR archive attachments containing a Windows shortcut LNK file...

7.9AI score
Exploits0
thn
thn
added 2024/07/08 3:42 p.m.36 views

New APT Group "CloudSorcerer" Targets Russian Government Entities

A previously undocumented advanced persistent threat APT group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control C2 and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said...

7.5AI score
Exploits0
securelist
securelist
added 2024/07/08 7:0 a.m.32 views

CloudSorcerer – A new APT targeting Russian government entities

In May 2024, we discovered a new advanced persistent threat APT targeting Russian government entities that we dubbed CloudSorcerer. Its a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud...

7.2AI score
Exploits0
Rows per page
Query Builder