
6 matches found

hivepro
added 2023/12/13 11:22 a.m., 7 views

The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor

Summary: The Sandman Advanced Persistent Threat (APT) is closely linked to suspected threat clusters originating from China, specifically identified as Storm-0866, also known as Red Dev 40. Within the same victim environments, Sandman's Lua-based malware, LuaDream, and the KEYPLUG backdoor have...

AI score: 7.3
Exploits: 0
The Hacker News
added 2023/12/11 1:59 p.m., 20 views

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor

Tactical and targeting overlaps have been discovered between the enigmatic advanced persistent threat (APT) called Sandman and a China-based threat cluster that's known to use a backdoor referred to as KEYPLUG. The assessment comes jointly from SentinelOne, PwC, and the Microsoft Threat Intelligenc...

AI score: 7.1
Exploits: 0
The Hacker News
added 2023/03/30 3:58 p.m., 111 views

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...

AI score: 7.6
Exploits: 0
The Hacker News
added 2023/03/30 3:58 p.m., 3 views

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range o...

AI score: 7.2
Exploits: 0
Malwarebytes
added 2022/10/12 5:0 p.m., 23 views

Winnti APT group docks in Sri Lanka for new campaign

In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat actors used multiple layers of protection and techniques to make analysis harder and hide their final payload. However, based on tactic, techniques and...

AI score: 1.5
Exploits: 0
hivepro
added 2022/03/09 2:37 p.m., 40 views

Chinese state-sponsored threat group APT41 targets U.S. critical organizations using two Zero-Days

THREAT LEVEL: Red. A China state-sponsored threat group known as APT41 is observed compromising at least six U.S. state government networks in a threat campaign beginning from May 2021. APT41 is a well-known Chinese state-sponsored espionage...

CVSS: 9.3, AI score: 0.2, EPSS: 0.99999
Exploits: 347