Lucene search
K

5 matches found

Securelist
Securelist
added 2025/07/21 8:0 a.m.21 views

The SOC files: Rumble in the jungle or APT41’s new target in Africa

Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in the African region. The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware. One of the C2s was a captive SharePoint serve...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/14 1:27 p.m.35 views

New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos

Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19. The espionage-related attacks are characterized by the use of a stolen digital certificate issued by a Korean company called DEEPSoft...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/28 10:58 a.m.54 views

Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers

A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan RAT on compromised systems. Attributing the intrusions to a threat actor...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/28 10:6 a.m.61 views

Hackers Posed as Aerobics Instructors for Years to Target Aerospace Employees

An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign. Enterprise security firm Proofpoint...

1.9AI score
Exploits0
ThreatPost
ThreatPost
added 2019/07/18 3:48 p.m.377 views

Ke3chang APT Linked to Previously Undocumented Backdoor

The Ke3chang cyberespionage group, a.k.a. APT15, Mirage, Playful Dragon or Vixen Panda, has been tied to a backdoor called Okrum that has been used to target diplomatic missions throughout Europe and Latin America. The attribution widens the scope of known Ke3chang activity, an APT believed to be...

7.8AI score
Exploits0References8
Rows per page
Query Builder