APT – Page 3 – WindowsTechs.com

EastWind campaign: new CloudSorcerer attacks on government organizations in Russia

Posted on August 14, 2024 by GReAT

Kaspersky has identified a new EastWind campaign targeting Russian organizations and using CloudSorcerer as well as APT31 and APT27 tools. Continue reading EastWind campaign: new CloudSorcerer attacks on government organizations in Russia→

APT trends report Q2 2024

Posted on August 13, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q2 2024, including the new backdoor in Linux utility XZ, a new RAT called SalmonQT, and hacktivist activity. Continue reading APT trends report Q2 2024→

StormBamboo APT Targets ISPs, Spreads Malware via Software Updates

Posted on August 5, 2024 by Deeba Ahmed

StormBamboo abuses insecure software updates! Don’t be a victim! This article explores how the StormBamboo group compromises ISPs… Continue reading StormBamboo APT Targets ISPs, Spreads Malware via Software Updates→

Chinese hackers compromised an ISP to deliver malicious software updates

Posted on August 5, 2024 by Zeljka Zorz

APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive… Continue reading Chinese hackers compromised an ISP to deliver malicious software updates→

North Korean hacking group makes waves to gain Mandiant, FBI spotlight

Posted on July 25, 2024 by Tim Starks

The newly designated APT45 pursues military intelligence but has been expanding its targets, Mandiant says.

The post North Korean hacking group makes waves to gain Mandiant, FBI spotlight appeared first on CyberScoop.

Continue reading North Korean hacking group makes waves to gain Mandiant, FBI spotlight→

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

Posted on July 16, 2024 by Zeljka Zorz

The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend… Continue reading Void Banshee APT exploited “lingering Windows relic” in zero-day attacks→

Kernel 6.8.11-amd64 Headers not being able to install [migrated]

Posted on July 12, 2024 by vidyarthi

I am not able to install the linux-headers-6.8.11-amd64 kernel even after repeated trying. I tried several methods – apt-get update, apt-get upgrade, apt-get dist-upgrade dkms –configure linux-headers-amd64 apt-get install linux-headers-a… Continue reading Kernel 6.8.11-amd64 Headers not being able to install [migrated]→

Chinese APT40 group swifly leverages public PoC exploits

Posted on July 9, 2024 by Zeljka Zorz

Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory released by intelligence and cybersecurity agencies from eight countries warns. The … Continue reading Chinese APT40 group swifly leverages public PoC exploits→

TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack

Posted on July 8, 2024 by Zeljka Zorz

TeamViewer, the company developing the popular remote access/control software with the same name, has finished the investigation into the breach it detected in late June 2024, and has confirmed that it was limited to their internal corporate IT environ… Continue reading TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack→

CloudSorcerer – A new APT targeting Russian government entities

Posted on July 8, 2024 by Sergey Lozhkin

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. Continue reading CloudSorcerer – A new APT targeting Russian government entities→