22 matches found

The Hacker News
added 2025/01/30 4:25 p.m., 15 views

Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations

Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. "Threat actors are experimenting with Gemini to enable their...

AI score: 7.3
Exploits: 0

The Hacker News
added 2024/09/23 11:20 a.m., 16 views

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22)

Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domain names and cloud...

AI score: 7.7
Exploits: 0

The Hacker News
added 2024/09/20 10:11 a.m., 48 views

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker...

CVSS: 9.8, AI score: 7.4, EPSS: 0.99913
Exploits: 29

Malwarebytes
added 2022/05/19 1:7 p.m., 19 views

Cardiologist moonlighted as successful ransomware developer

The US has charged a 55-year-old French-Venezuelan cardiologist from Venezuela with "attempted computer intrusions and conspiracy to commit computer intrusions". This was revealed in an unsealed complaint in a federal court in Brooklyn, New York. Moises Luis Zagala Gonzales worked as a ransomware...

AI score: 0.2
Exploits: 0

The Hacker News
added 2022/04/04 11:13 a.m., 98 views

Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware

At least three different advanced persistent threat (APT) groups from across the world have launched spear-phishing campaigns in mid-March 2022 using the ongoing Russo-Ukrainian war as a lure to distribute malware and steal sensitive information. The campaigns, undertaken by El Machete, Lyceum, and...

CVSS: 9.3, AI score: 1.3, EPSS: 0.99945
Exploits: 33

Malwarebytes
added 2022/02/25 6:54 p.m., 22 views

CISA warns of cyberespionage by Iranian APT “MuddyWater”

Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, a government-sponsored Iranian advanced persistent threat (APT) actor. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the US Cyber Command Cyber...

AI score: 0.8
Exploits: 0

CISA
added 2022/01/12 12:0 a.m., 21 views

CNMF Identifies and Discloses Malware used by Iranian APT MuddyWater

U.S. Cyber Command’s Cyber National Mission Force (CNMF) has identified multiple open-source tools used by an Iranian advanced persistent threat (APT) group known as MuddyWater. According to CNMF, “MuddyWater has been seen using a variety of techniques to maintain access to victim networks. These...

AI score: 7
Exploits: 0, References: 2

Malwarebytes
added 2021/11/22 12:53 p.m., 29 views

A week in security (Nov 15 – Nov 21)

Last week on Malwarebytes Labs: Instagram’s memorialize feature abused to memorialize…Instagram’s boss; Evasive manoeuvres: HTML smuggling explained; FBI server hijacked to send up to 100,000 bogus attack mails; New Mac malware raises more questions about Apple’s security patching; SharkBot Android...

AI score: 6.6
Exploits: 0

hivepro
added 2021/10/07 11:43 a.m., 24 views

Iranian APT is targeting Middle Eastern Aerospace and Telecommunications companies

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. ShellClient is a powerful new Remote Access Trojan (RAT) that was used in highly targeted attacks on a select few Aerospace and Telecommunications firms, primarily in the Middle East, with other victims in the United States,...

AI score: 0.5
Exploits: 0

ThreatPost
added 2021/08/03 8:16 p.m., 52 views

Iranian APT Lures Defense Contractor in Catfishing-Malware Scam

Most people have probably heard of catfishing. That’s when someone adopts a fake online persona, usually to trick someone into falling in love. Now, threat actors have developed their own spin on the grift, developing appealing — objectively hot — profiles to charm victims into downloading malwar...

AI score: 6.6
Exploits: 0, References: 9

Malwarebytes
added 2021/01/18 11:30 a.m., 55 views

A week in security (January 11 – January 17)

Last week on Malwarebytes Labs, we looked at IoT problems, Microsoft’s Patch Tuesday, and how cybercriminals want access to your cloud services. We also explored how VPNs can protect your privacy, and asked if MSPs have picked the right PSA. Other cybersecurity news: Hot phishing targets: Some...

Exploits: 0

ICS
added 2020/11/03 12:0 p.m., 21 views

Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Summary: This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure...

AI score: 10
Exploits: 0, References: 41

CISA
added 2020/10/30 12:0 a.m., 13 views

CISA and FBI Release Joint Advisory on Iranian APT Actor Targeting Voter Registration Data

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory on an Iranian advanced persistent threat (APT) actor targeting U.S. state websites, including elections websites, to obtain voter registration data. Joi...

AI score: 6.7
Exploits: 0, References: 1

ICS
added 2020/10/22 12:0 p.m., 62 views

Iranian Advanced Persistent Threat Actors Threaten Election-Related Systems

Summary: The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are warning that Iranian advanced persistent threat (APT) actors are likely intent on influencing and interfering with the U.S. elections to sow discord among voters and undermine public...

CVSS: 10, AI score: 10, EPSS: 0.99999
Exploits: 65, References: 61

CISA
added 2020/10/22 12:0 a.m., 13 views

CISA and FBI Release Joint Advisories Regarding Russian and Iranian APT Actors

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released two joint cybersecurity advisories on widespread advanced persistent threat (APT) activity. Joint Cybersecurity Advisory: AA20-296A Russian State-Sponsored Advanced Persistent Threat...

AI score: 6.6
Exploits: 0, References: 3

Malwarebytes
added 2020/09/14 2:49 p.m., 33 views

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...

AI score: 7.2
Exploits: 0

The Hacker News
added 2020/05/21 8:11 a.m., 85 views

Iranian APT Group Targets Governments in Kuwait and Saudi Arabia

Today, cybersecurity researchers shed light on an Iranian cyber espionage campaign directed against critical infrastructures in Kuwait and Saudi Arabia. Bitdefender said the intelligence-gathering operations were conducted by Chafer APT also known as APT39 or Remix Kitten, a threat actor known fo...

AI score: 0.8
Exploits: 0

ThreatPost
added 2020/02/26 2:0 p.m., 72 views

Iranian APT Targets Govs With New Malware

SAN FRANCISCO – A never before seen credential-stealing malware, dubbed ForeLord, has been uncovered in recent spear phishing emails. Researchers have attributed the campaign to a known Iranian advanced persistent threat (APT) group. The emails distributing ForeLord were uncovered as part of a...

AI score: 1.1
Exploits: 0, References: 7

ThreatPost
added 2019/10/21 5:52 p.m., 61 views

Turla Compromises, Infiltrates Iranian APT Infrastructure

The Turla APT group has been spotted co-opting two cyberweapons from an Iranian APT (APT 34), according to one set of researchers, known as the Nautilus and Neuron implants, and deploying them against targets in the Middle East. The group also infiltrated the global operational infrastructure used ...

AI score: 0.3
Exploits: 0, References: 8

CISA
added 2019/10/21 12:0 a.m., 14 views

NSA and NCSC Release Joint Advisory on Turla Group Activity

The National Security Agency (NSA) and the United Kingdom National Cyber Security Centre (NCSC) have released a joint advisory on advanced persistent threat (APT) group Turla—widely reported to be Russian and also known as Snake, Uroburos, VENEMOUS BEAR, or Waterbug. The advisory provides an update to...

AI score: 6.7
Exploits: 0, References: 7