10 matches found
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades a...
Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed "Starry Addax" targeting mostly human rights activists associated with the Sahrawi Arab Democratic Republic SADR cause with a novel mobile malware. Starry Addax conducts phishing attacks tricking their targets into installing malicious Androi...
Little Crumbs Can Lead To Giants
This week is the Virus Bulletin Conference in London. Part of the conference is the Cyber Threat Alliance summit, where CTA members like Rapid7 showcase their research into all kinds of cyber threats and techniques. Traditionally, when we investigate a campaign, the focus is mostly on the code of...
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign By Marc Elias · January 25, 2022 A special thanks to Christiaan Beek, Alexandre Mundo, Leandro Velasco and Max Kersten for malware analysis and support during this investigation. Executive Summary Our Advanced Threat Resear...
LuminousMoth APT: Sweeping attacks for the chosen few
APT actors are known for the frequently targeted nature of their attacks. Typically, they will handpick a set of targets that in turn are handled with almost surgical precision, with infection vectors, malicious implants and payloads being tailored to the victims identities or environment. Its no...
Knoxville Ransomware Attack Leads to IT Network Shutdown
The city of Knoxville, Tenn. is reeling from a ransomware attack that knocked the city’s network offline and prevented police officers from responding to non-life-threatening traffic crashes. The incident occurred Wednesday and shuttered systems until Thursday. Also impacted was the city’s intern...
A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments
Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has...
Chinese Groups Found Targeting Govt, Military Systems
Two Chinese cyber espionage campaigns are working in tandem in hopes of sniffing out trade secrets from surrounding nations. Researchers from FireEye outlined information about the two attack groups yesterday in advance of a more comprehensive report. One of the groups, Moafree, operates out of t...
Winnti Cyberespionage Campaign Targets Gaming Companies
A cybercrime gang has been running roughshod over the gaming industry for years using malware signed with valid digital certificates to steal source code and valuable in-game currency for a number of popular online games. Researchers at Kaspersky Lab this morning published a report on the Winnti...
Human Rights Activists targeted with new Android malware
Tibetan and Uyghur activists are once again targeted with a new malware, specially designed for Android devices. This is the first documented attack that targets Android smartphones. Security researchers at Kaspersky say they've found a targeted malware attack on Android phones that seems to come...