Search.AI.Wiki

Category: Intelligence

Iranian Peach Sandstorm group behind recent password spray attacks

Iran-linked Peach Sandstorm APT is behind password spray attacks against thousands of organizations globally between February and July 2023.

Microsoft researchers observed a series of password spray attacks conducted by Iran nation-state actors as part of a campaign named Peach …

The iPhone of a Russian journalist was infected with the Pegasus spyware

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware.

The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. A joint investigation conducted by …

Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor

Iran-linked APT group Charming Kitten used a previously undocumented backdoor named Sponsor in attacks against entities in Brazil, Israel, and the U.A.E.

ESET researchers observed a series of attacks, conducted by the Iran-linked APT group Charming Kitten (aka Ballistic Bobcat …

North Korea-linked threat actors target cybersecurity experts with a zero-day

North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts.

North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an unnamed software to target cybersecurity researchers.

The attacks that took place …

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump.

In July, Microsoft announced it had mitigated an attack conducted by a China-linked threat actor, tracked as Storm-0558, …

Meta disrupted two influence campaigns from China and Russia

Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages.

Meta announced it has taken down two of the largest known covert influence operations originating from China and Russia.

The social network …

North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks

ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima.

ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the …

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel.

GCHQ’s National Cyber Security Centre and international partners reported that Russia-linked threat actors are using a new malware to target the …

Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play

ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware …

Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months.

Threat actors have infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for as much as nine months. The intruders

China-linked …

FBI identifies wallets holding cryptocurrency funds stolen by North Korea

The U.S. FBI warned that North Korea-linked threat actors may attempt to cash out stolen cryptocurrency worth more than $40 million.

The Federal Bureau of Investigation shared details about the activity of six cryptocurrency wallets operated by North Korea-linked threat …

Carderbee APT targets Hong Kong orgs via supply chain attacks

A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations.

Symantec Threat Hunter Team reported that a previously unknown APT group, tracked as Carderbee, used a malware-laced version of the legitimate Cobra …

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

HiatusRAT malware operators resurfaced with a new wave of attacks targeting Taiwan-based organizations and a U.S. military procurement system.

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called “HiatusRAT” that infected over 100 edge networking devices …

Charming Kitten APT is targeting Iranian dissidents in Germany

Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents in the country.

The Federal Office for the Protection of the Constitution (BfV) is warning that an alleged nation-state actor …

Charming Kitten APT is targeting Iranian dissidents in Germany

Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents in the country.

The Federal Office for the Protection of the Constitution (BfV) is warning that an alleged nation-state actor …

North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya

Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya.

Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya to two different North Korea-linked APT groups. NPO …

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Senior official reports a quadruple increase in ransomware attacks against Finland since it started the process to join NATO.

The number of ransomware attacks targeting Finland has increased fourfold since the country began the process of joining NATO in 2023.…

The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO

Senior official reports a quadruple increase in ransomware attacks against Finland since it started the process to join NATO.

The number of ransomware attacks targeting Finland has increased fourfold since the country began the process of joining NATO in 2023.…

BlueCharlie changes attack infrastructure in response to reports on its activity

Russia-linked APT group BlueCharlie was observed changing its infrastructure in response to recent reports on its activity.

Researchers from Recorded Future reported that Russia-linked APT group BlueCharlie (aka Blue Callisto, Callisto, COLDRIVER, Star Blizzard (formerly SEABORGIUM), ColdRiver, and TA446) continues …

Russian APT29 conducts phishing attacks through Microsoft Teams

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks.

Microsoft Threat Intelligence reported that Russia-linked cyberespionage group APT29  (aka SVR group, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) carried out Microsoft Teams …
文 » A