Microsoft Seizes 42 Domains Used by Chinese Hacking Group Nickel
Microsoft has successfully seized control of 42 domains which were being used by a Chinese hacking group to carry out intelligence …
APT
Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group
Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. Microsoft announced …
FBI warning: Hackers are targeting this flaw in Zoho ManageEngine ServiceDesk Plus
The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) are warning about the ‘active …
Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)
An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a …
SideCopy APT: Connecting lures to victims, payloads to infrastructure
This blog post was authored by Hossein Jazi and the Threat Intelligence Team. Last week, Facebook announced that back in August it had …
APT Groups Adopt New Phishing Method. Will Cybercriminals Follow?
APT groups from Russia, China, and India have adopted a new and easily implemented phishing method throughout the second and third quarters …
APT annual review 2021
For this annual review, we have tried to focus on what we consider to be the most interesting trends and developments of the last 12 …
ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks
The North Korea-linked ScarCruft advanced persistent threat (APT) group has developed a fresh, multiplatform malware family for attacking …
ScarCruft surveilling North Korean defectors and human rights activists
The ScarCruft group (also known as APT37 or Temp.Reaper) is a nation-state sponsored APT actor. Recently, we had an opportunity to perform …
WIRTE’s campaign in the Middle East ‘living off the land’ since at least
In this report we provide details on a malicious VBS implant distributed via MS Excel droppers and a fake “Kaspersky Update Agent” which we …
APT C-23 Hackers Using Android Spyware to Hack Middle East Android Users
The Sophos cybersecurity researchers have recently spotted new variants of APT C-23’s Spyware, and is primarily use this Android Spyware …
IT threat evolution Q3 2021
WildPressure and LuminousMoth threat actors, FinSpy implants, zero-day vulnerabilities and PrintNightmare, threats for Linux and macOS in …
APT C-23 Hackers Using New Android Spyware Variant to Target Middle East Users
A threat actor known for striking targets in the Middle East has evolved its Android spyware yet again with enhanced capabilities that …
New Android Spyware Variants Linked to Middle Eastern APT
New variants of Android spyware linked to a Middle Eastern advanced persistent threat (APT) group have been designed to be stealthier and …