Kazuar: Anatomy of a nation-state botnet
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for...
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been...
Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking
A massive data leak reportedly at Chinese firm Knownsec Chuangyu exposed 12,000 files detailing state-backed 'cyber weapons' and spying on over 20 countries. See the details, including 95GB of stolen Indian immigration data...
Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands
The threat actor known as Bitter has been assessed to be a state-backed hacking group that's tasked with gathering intelligence that aligns with the interests of the Indian government. That's according to new findings jointly published by Proofpoint and Threatray in an exhaustive two-part analysi...
U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People's Republic of China's (PRC) Ministr...
Hackers Tricking Users Into Linking Devices to Steal Signal Messages
Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn…
Russian APT29 Using NSO Group-Style Exploits in Attacks, Google
Google’s Threat Analysis Group (TAG) has exposed a new campaign by Russian state-backed APT29, also known as Cozy…
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...
3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods
Global cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…
Online Privacy and Overfishing
Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions weren't about how hackers were using the tools (that was utterly predictable), but about how Microsoft figured it out. The natural conclusion wa...
APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud...
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution o...
Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack
The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 of orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the...
Google TAG Reports Zero-Day Surge and Rise of State Hacker Threats
By Waqas. Google's Threat Analysis Group (TAG) reports a concerning rise in zero-day exploits and increased activity from state-backed hackers.…
New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems," Palo Alto Networks Unit 42...
Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS...
Hackers Attack UK’s Nuclear Waste Services Through LinkedIn
By Deeba Ahmed. LinkedIn users, especially employees managing pages for large corporations, must remain vigilant as the platform has become a lucrative target for cybercriminals and state-backed hackers.
The Most Dangerous People on the Internet in 2023
From Sam Altman and Elon Musk to ransomware gangs and state-backed hackers, these are the individuals and groups that spent this year disrupting the world as we know it...
Microsoft’s Digital Crime Unit Goes Deep on How It Disrupts Cybercrime
Ten years in, Microsoft’s DCU has honed its strategy of using both unique legal tactics and the company’s technical reach to disrupt global cybercrime and state-backed actors...
Microsoft Does Damage Control With Its New 'Secure Future Initiative'
Following a string of serious security incidents, Microsoft says it has a plan to deal with escalating threats from cybercriminals and state-backed hackers...