38 matches found
Iran-Linked MuddyWater Targets 100+ Organizations in Global Espionage Campaign
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa MENA region, including over 100 government entities. The...
EUVD-2014-6663
Malware in sbrugna...
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years. "Phantom Taurus' main focus areas include ministries of forei...
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat APT group...
Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA Europe, Middle East, and Africa with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are...
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023. In the newly discovered campaign, we observed a wider scope of targets spread across countries in EMEA and Asia, compared with previous...
Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat APT group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actor's activity reveals long-term...
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
The Cybersecurity and Infrastructure Security Agency CISA added one new vulnerability to its Known Exploited Vulnerabilities Catalog affecting Ivanti Endpoint Manager Mobile, based on evidence of active exploitation. All Federal Civilian Executive Branch FCEB agencies must remediate this...
Norway Probes Major Cyberattack on 12 Government Ministries
By Habiba Rashid The cyberattack was discovered earlier this month. This is a post from HackRead.com Read the original post: Norway Probes Major Cyberattack on 12 Government Ministries...
European Ministries Fall Victim to Chinese Hacker’s SmugX Campaign
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A Chinese nation-state group has been persistently conducting a campaign targeting Foreign Affairs ministries and embassies in Europe. They employ HTML smuggling techniques to distribute a new variant of...
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX
A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at...
Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX
A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX , has been ongoing since at...
Flea APT Targets Foreign Ministries with New Backdoor.Graphican
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Flea APT15 targeted foreign ministries with their new backdoor, Backdoor.Graphican, leveraging Microsoft Graph API and OneDrive for C&C communication. To receive real-time threat advisories, please follo...
Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor
Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets...
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
The Russia-linked APT29 aka Cozy Bear threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT...
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities
The Russia-linked APT29 aka Cozy Bear threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT...
ephrataministries.org Cross Site Scripting vulnerability OBB-3205629
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham's Ax that emerged in November 2022. This is based on "several commonalities across the iconography, videography, and leak sites used by the groups,...
Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The two high-severity issues relate to weaknesses in Zimbra Collaboration, both of which could be chained to achieve...
Russian APT28 Hackers Using COVID-19 as Bait to Deliver Zebrocy Malware
A Russian threat actor known for its malware campaigns has reappeared in the threat landscape with yet another attack leveraging COVID-19 as phishing lures, once again indicating how adversaries are adept at repurposing the current world events to their advantage. Linking the operation to a...