IT threat evolution Q3 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations...

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant...

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

The China-linked advanced persistent threat APT group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as...

North-Korean Cyber-Espionage Operations Grapples Defense Sector

Summary: There is an ongoing cyber-espionage campaign purportedly led by the North Korean threat actors, specifically targeting the global defense industry. The primary objective of these attacks is to acquire data pertaining to advanced military technology, with the intention of assisting North...

Big-Name Targets Push Midnight Blizzard Hacking Spree Back Into the Limelight

Newly disclosed breaches of Microsoft and Hewlett-Packard Enterprise highlight the persistent threat posed by Midnight Blizzard, a notorious Russian cyber-espionage group...

Kimsuky Unveils New Addition to Its Malware Arsenal

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Kimsuky, a cyber-espionage group, is known for infiltrating via spear-phishing attacks, and is recognized for its versatility in using various types of malware and tools to facilitate remote control durin...

Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East

By Waqas Stealth Falcon APT group is notorious for its cyber-espionage campaigns in the Middle East. This is a post from HackRead.com Read the original post: Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East...

European Bank Customers Targeted in SpyNote Android Trojan Campaign

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a...

Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also...

State-Sponsored Hackers Target Middle Eastern and African Governments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Persistent cyber-espionage attacks, targeting governmental entities in the Middle East and Africa, have been unleashed by a group known as CL-STA-0043. This group has employed unprecedented methods to...

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

Governmental entities in the Middle East and Africa have been at the receiving end of sustained cyber-espionage attacks that leverage never-before-seen and rare credential theft and Exchange email exfiltration techniques. "The main goal of the attacks was to obtain highly confidential and sensiti...

Snake a Stealthy Cyber-Espionage Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Snake is a powerful cyber-espionage malware developed by FSB & linked to Turla hackers. Boasts high stealth, rigorous engineering & global reach. To receive real-time threat advisories, please follow...

Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services, and public service infrastructures in Tajikistan. The intrusion set, dubbed Paperbug by Swiss cybersecurity...

Desert Falcon Strikes with an Upgraded Arsenal

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Desert Falcons, a cyber-espionage group, has been seen deploying upgraded variants of its malware toolset in strikes against Palestine and Middle Eastern entities. To receive real-time threat advisories,...

Sharp Panda A Sophisticated Cyber-Espionage Campaign Targeting Governments

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Sharp Panda cyber-espionage campaign, which has been active for a considerable period, focuses on infiltrating government entities in Southeast Asia. This operatio...

Worok cyber-espionage gang preys on high-profile Asian businesses and governments

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Worok, a newly uncovered cyber-espionage gang, has been targeting governments and high-profile companies in Asia since at least 2020 using a combination of unique and existing harmful tools. This group of...

APT trends report Q2 2022

For five years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and...

Justice Department Appoints First Director of National Cryptocurrency Enforcement Team

The U.S. Department of Justice DoJ earlier this week appointed Eun Young Choi to serve as the first Director of the National Cryptocurrency Enforcement Team NCET it established last year. The NCET was created to tackle the criminal misuse of cryptocurrencies and digital assets," with a focus on...

MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks

A new family of cyber-espionage malware targeting macOS and delivered via a Safari exploit was used against politically active, pro-democracy residents of Hong Kong, in August watering-hole attacks initially discovered by Google TAG, researchers said on Tuesday. The watering-hole attacks – which...

RedCurl Corporate Espionage Hackers Return With Updated Hacking Tools

A corporate cyber-espionage hacker group has resurfaced after a seven-month hiatus with new intrusions targeting four companies this year, including one of the largest wholesale stores in Russia, while simultaneously making tactical improvements to its toolset in an attempt to thwart analysis. "I...