Lucene search
K

32 matches found

The Hacker News
The Hacker News
added 2026/01/24 11:9 a.m.10 views

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. "The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign," Fortinet FortiGuard Labs...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/23 4:49 a.m.29 views

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

A suspected advanced persistent threat APT originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific APAC region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which w...

9.8CVSS7AI score0.99813EPSS
Exploits25
Talos Blog
Talos Blog
added 2024/06/21 12:0 p.m.37 views

SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques

Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023. In the newly discovered campaign, we observed a wider scope of targets spread across countries in EMEA and Asia, compared with previous...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/16 1:48 p.m.14 views

North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware. "The threat actor created a Facebook account with a fake identity disguised as a public official...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/14 2:1 p.m.24 views

New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities

A pro-Hamas threat actor known as Gaza Cyber Gang is targeting Palestinian entities using an updated version of a backdoor dubbed Pierogi. The findings come from SentinelOne, which has given the malware the name Pierogi++ owing to the fact that it's implemented in the C++ programming language...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/01 10:49 a.m.31 views

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan

A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. The activity, which commenced no later than August 2023, leverages two different...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2023/11/30 1:0 p.m.45 views

New SugarGh0st RAT targets Uzbekistan government and South Korea

Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan RAT we dubbed "SugarGh0st." We found evidence suggesting the threat actor is targeting the Uzbekistan Ministry of Foreign Affairs and users in South Korea. We...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/13 4:7 p.m.50 views

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023,...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/01 4:11 p.m.42 views

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control C2 servers are merely active for a single day. What's more, 50% of the servers don't remain active for more than a week, indicating the use of an adaptable and dynamic C2...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/24 9:59 a.m.2 views

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/15 1:49 p.m.2 views

YoroTrooper Stealing Credentials and Information from Government and Energy Organizations

A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials...

7AI score
Exploits0
HackRead
HackRead
added 2022/11/20 1:28 a.m.14 views

Research sector targeted in new spear phishing attack using Google Drive

By Deeba Ahmed The attackers gain access to the network through decoy documents covering controversial geo-political topics to lure the targeted organizations into downloading and executing the malware. This is a post from HackRead.com Read the original post: Research sector targeted in new spear...

4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/27 9:46 a.m.32 views

North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs

The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system. In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/15 12:25 p.m.18 views

Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware

An ongoing espionage campaign operated by the Russia-linked Gamaredon group is targeting employees of Ukrainian government, defense, and law enforcement agencies with a piece of custom-made information stealing malware. "The adversary is using phishing documents containing lures related to the...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/14 8:51 a.m.25 views

Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware

Palo Alto Networks Unit 42 has detailed the inner workings of a malware called OriginLogger, which has been touted as a successor to the widely used information stealer and remote access trojan RAT known as Agent Tesla. A .NET based keylogger and remote access, Agent Tesla has had a long-standing...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/02 1:39 p.m.26 views

Chinese "Override Panda" Hackers Resurface With New Espionage Attacks

A Chinese state-sponsored espionage group known as Override Panda has resurfaced in recent weeks with a new phishing attack with the goal of stealing sensitive information. "The Chinese APT used a spear-phishing email to deliver a beacon of a Red Team framework known as 'Viper,'" Cluster25 said i...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/04 11:13 a.m.98 views

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

At least three different advanced persistent threat APT groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and...

9.3CVSS1.3AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2022/03/23 11:59 a.m.33 views

Chinese 'Mustang Panda' Hackers Spotted Deploying New 'Hodur' Malware

A China-based advanced persistent threat APT known as Mustang Panda has been linked to an ongoing cyber espionage campaign using a previously undocumented variant of the PlugX remote access trojan on infected machines. Slovak cybersecurity firm ESET dubbed the new version Hodur, owing to its...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/08 9:31 a.m.47 views

SideCopy Hackers Target Indian Government Officials With New Malware

A cyber-espionage group has been observed increasingly targeting Indian government personnel as part of a broad campaign to infect victims with as many as four new custom remote access trojans RATs, signaling a "boost in their development operations." Attributed to a group tracked as SideCopy, th...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/06/03 10:28 a.m.53 views

Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia

An ongoing cyber-espionage operation with suspected ties to China has been found targeting a Southeast Asian government to deploy spyware on Windows systems while staying under the radar for more than three years. "In this campaign, the attackers utilized the set of Microsoft Office exploits and...

0.3AI score
Exploits0
Rows per page
Query Builder