9 matches found
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware
A previously undocumented China-aligned threat cluster dubbed LongNosedGoblin has been attributed to a series of cyber attacks targeting governmental entities in Southeast Asia and Japan. The end goal of these attacks is cyber espionage, Slovak cybersecurity company ESET said in a report publishe...
From HealthKick to GOVERSHELL: The Evolution of UTA0388's Espionage Malware
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the message...
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services IIS servers as an initial breach route to deploy malware on targeted systems. The findings come from the AhnLab Security Emergency response Center ASEC, which detailed the advanced...
Novel ‘Victory’ Backdoor Spotted in Chinese APT Campaign
An ongoing surveillance operation has been uncovered that targets a Southeast Asian government, researchers said – using a previously unknown espionage malware. According to Check Point Research, the attack involves spear-phishing emails with malicious Word documents to gain initial access, along...
Gaza Cybergang Returns With New Attacks On Palestinian Authority
Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT advanced persistent threat surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email se...
FBI Flash Warning Alerts Businesses to Wiper Malware Attacks
The FBI issued a five-page flash warning yesterday urging American enterprises to be on the lookout for wiper malware. The alert, a Reuters report said, described some details about the malware but kept the victim anonymous. It’s general practice for the FBI not to name victims in such alerts. Th...
Oil, Energy Watering Hole Attacks Linked to DOL attack
A string of watering hole attacks targeting oil and energy companies dating back to May could be linked to similar attacks against the U.S. Department of Labor website. Researchers at Cisco discovered the compromised domains of 10 oil and energy companies worldwide, including hydroelectric plants...
njRAT Attacks Spike Against Middle East High-Value Targets
Government agencies, telecom and energy organizations in the Middle East are being targeted by espionage malware known as njRAT. The remote access Trojan is thorough in its data-stealing capabilities. Beyond dropping a keylogger, variants are capable of accessing a computer’s camera, stealing...
Two-Factor Authentication Won't Stop Twitter Compromises
The hijacking of high-profile Twitter accounts belonging to the Associated Press and Guardian UK newspaper brings to light numerous security shortcomings, namely the susceptibility users still have when it comes to phishing attacks, their propensity to use weak passwords, and the inability to...