9 matches found
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. "The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries...
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat APT group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates,...
SideWinder targets the maritime and nuclear sectors with an updated toolset
Last year, we published an article about SideWinder, a highly prolific APT group whose primary targets have been military and government entities in Pakistan, Sri Lanka, China, and Nepal. In it, we described activities that had mostly happened in the first half of the year. We tried to draw...
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack
An advanced persistent threat APT actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as...
Actors, Threats and Vulnerabilities 08 to 14 May 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, identified a total of nine attacks that were executed. Additionally, HiveForce Labs identified four different...
Uncovering the Latest Tactics of the SideWinder APT
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SideWinder APT group uses advanced tactics like spear-phishing, DLL side-loading & more. A new server-side polymorphism technique, highlighting the need for multi-layered security measures. To receive...
InSideCopy: How this APT continues to evolve its arsenal
By Asheer Malhotra and Justin Thattil. Cisco Talos is tracking an increase in SideCopy's activities targeting government personnel in India using themes and tactics similar to APT36 aka Mythic Leopard and Transparent Tribe.SideCopy is an APT group that mimics the Sidewinder APT's infection... Thi...
This Week in Security News: INTERPOL Collaboration Reduces Cryptojacking by 78% and Three Malicious Apps Found on Google Play May be Linked to SideWinder APT Group
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro’s collaboration with INTERPOL’s Global Complex for Innovation helped reduce cryptojacking by 78% in Southeast...
3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group
Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store—you have been hacked and being tracked. These newly detected malicious Android apps are Camero, FileCrypt, and callCam that...