4 matches found
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors
Companies in the legal services, software-as-a-service SaaS providers, Business Process Outsourcers BPOs, and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC52...
U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions
The U.S. Department of the Treasury's Office of Foreign Assets Control OFAC sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC...
NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers
An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe...