cyber espionage – Page 2 – WindowsTechs.com

Chinese hackers compromised an ISP to deliver malicious software updates

Posted on August 5, 2024 by Zeljka Zorz

APT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared. Malware delivery via automatic software updates StormBamboo (aka Evasive… Continue reading Chinese hackers compromised an ISP to deliver malicious software updates→

CloudSorcerer – A new APT targeting Russian government entities

Posted on July 8, 2024 by Sergey Lozhkin

Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. Continue reading CloudSorcerer – A new APT targeting Russian government entities→

Chinese hackers are increasingly deploying ransomware, researchers say

Posted on June 26, 2024 by AJ Vicens

Elite state-backed hackers are embracing the use of ransomware to obfuscate their operations.

The post Chinese hackers are increasingly deploying ransomware, researchers say appeared first on CyberScoop.

Continue reading Chinese hackers are increasingly deploying ransomware, researchers say→

Open-source Rafel RAT steals info, locks Android devices, asks for ransom

Posted on June 24, 2024 by Zeljka Zorz

The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point researchers have ob… Continue reading Open-source Rafel RAT steals info, locks Android devices, asks for ransom→

XZ backdoor: Hook analysis

Posted on June 24, 2024 by Anderson Leite, Sergey Belov

In this article, we analyze XZ backdoor behavior inside OpenSSH, after it has achieved RSA-related function hook. Continue reading XZ backdoor: Hook analysis→

Chinese cyber espionage campaign targets ‘dozens’ of Western governments, Dutch officials say

Posted on June 11, 2024 by AJ Vicens

The ongoing operation claims international organizations and the defense industry as its victims, per authorities.

The post Chinese cyber espionage campaign targets ‘dozens’ of Western governments, Dutch officials say appeared first on CyberScoop.

Continue reading Chinese cyber espionage campaign targets ‘dozens’ of Western governments, Dutch officials say→

Chinese attackers leverage previously unseen malware for espionage

Posted on June 6, 2024 by Help Net Security

Sophos released its report, “Operation Crimson Palace: Threat Hunting Unveils Multiple Clusters of Chinese State-Sponsored Activity Targeting Southeast Asia,” which details a highly sophisticated, nearly two-year long espionage campaign against a high-… Continue reading Chinese attackers leverage previously unseen malware for espionage→

Moonstone Sleet: A new North Korean threat actor

Posted on May 29, 2024 by Zeljka Zorz

Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime. “Moonstone Sleet uses tactics, techniques, and … Continue reading Moonstone Sleet: A new North Korean threat actor→

Trusted relationship attacks: trust, but verify

Posted on May 28, 2024 by Dmitry Kachan, Alina Sukhanova

We analyze the tactics and techniques of attackers targeting organizations through trusted relationships – that is, through contractors and external IT service providers. Continue reading Trusted relationship attacks: trust, but verify→

APT trends report Q1 2024

Posted on May 9, 2024 by GReAT

The report features the most significant developments relating to APT groups in Q1 2024, including the new malware campaigns DuneQuixote and Durian, and hacktivist activity. Continue reading APT trends report Q1 2024→