Cybereason Nocturnus – WindowsTechs.com

DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos

Posted on August 3, 2021 by Cybereason Nocturnus

Following the discovery of Hafnium attacks targeting Microsoft Exchange vulnerabilities, the Cybereason Nocturnus and Incident Response teams proactively hunted for various threat actors trying to leverage similar techniques in-the-wild. In the… Continue reading DeadRinger: Exposing Chinese Threat Actors Targeting Major Telcos→

Cybereason vs. Prometheus Ransomware

Posted on July 15, 2021 by Cybereason Nocturnus

Prometheus is a relatively new variant of the Thanos ransomware that is operated independently by the Prometheus group, and was first observed in February of 2021. In just a short period of time, Prometheus caused a lot of damage, and breached over 40 … Continue reading Cybereason vs. Prometheus Ransomware→

PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector

Posted on April 30, 2021 by Cybereason Nocturnus

The Cybereason Nocturnus Team has been tracking recent developments in the RoyalRoad weaponizer, also known as the 8.t Dropper/RTF exploit builder. Over the years, this tool has become a part of the arsenal of several Chinese-related threat actors… Continue reading PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector→