cyber espionage – Page 2 – WindowsTechs.com

OilRig targets Israel organizations with new lightweight downloaders

Posted on December 15, 2023 by Help Net Security

ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of special interest, all located in Israel. They include an organization in the hea… Continue reading OilRig targets Israel organizations with new lightweight downloaders→

Russian hackers target unpatched JetBrains TeamCity servers

Posted on December 14, 2023 by Helga Labus

Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. The targets APT 29 (a… Continue reading Russian hackers target unpatched JetBrains TeamCity servers→

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

Posted on December 5, 2023 by Helga Labus

Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and private entities in Poland, Polish Cyber Command has warned. Compromising email … Continue reading Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)→

Advanced threat predictions for 2024

Posted on November 14, 2023 by GReAT

Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024. Continue reading Advanced threat predictions for 2024→

Pro-Palestinian hacking group evolves tactics amid war

Posted on November 14, 2023 by AJ Vicens

A long-running espionage campaign shows signs of iteration and development amid Gaza fighting, researchers say.

The post Pro-Palestinian hacking group evolves tactics amid war appeared first on CyberScoop.

Continue reading Pro-Palestinian hacking group evolves tactics amid war→

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Posted on November 9, 2023 by

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups. Continue reading Modern Asian APT groups’ tactics, techniques and procedures (TTPs)→

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users

Posted on November 2, 2023 by Dmitry Kalinin

A WhatsApp mod with a built-in spy module has been spreading through Arabic and Azeri Telegram channels since August 2023. Continue reading WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users→

APT trends report Q3 2023

Posted on October 17, 2023 by GReAT

TetrisPhantom targets government entities in APAC, APT BadRory attacks multiple entities in Russia, new malicious campaign uses well-known Owowa, IIS backdoor and other significant events during Q3 2023 Continue reading APT trends report Q3 2023→

ToddyCat: Keep calm and check logs

Posted on October 12, 2023 by Giampaolo Dedola, Domenico Caldarella, Alexander Fedotov, Andrey Gunkin

In this article, we’ll describe ToddyCat new toolset, the malware used to steal and exfiltrate data, and the techniques used by this group to move laterally and conduct espionage operations. Continue reading ToddyCat: Keep calm and check logs→

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

Posted on October 2, 2023 by Help Net Security

Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta — the company behind Facebook, Instagra… Continue reading Lazarus impersonated Meta recruiter to breach Spanish aerospace firm→