Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2024/05/17 8:46 a.m.11 views

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

The Kimsuky aka Springtail advanced persistent threat APT group, which is linked to North Korea's Reconnaissance General Bureau RGB, has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/03 12:35 p.m.13 views

Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to "facilitate communications with command-and-control C&C infrastructure hosted on Microsoft cloud services," the Symantec Threat Hunter Team, part of...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/22 10:12 a.m.39 views

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/18 10:19 a.m.45 views

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to...

7AI score
Exploits0
Rows per page
Query Builder