At least one vulnerability is being exploited by multiple cyberespionage groups to attack targets mainly in the US, per ESET telemetry. Microsoft has rushed out emergency updates to address four zero-day flaws affecting Microsoft Exchange Server versions 2013, 2016, and 2019. Threat actors have been observed exploiting the vulnerabilities in . . .
Researchers have spotted notable code overlap between the Sunburst backdoor and a known Turla weapon.
Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. Offensive security tools that are simple to use and deploy, making it easier than ever for criminals with little technical know-how to get in on cybercrime, are seeing a significant rise, researchers say. . . .
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which . . .
Researchers say a recent attack targeting videogaming developers has ‘strong links’ to the infamous APT27 threat group. A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat (APT) is swapping up its historically . . .
The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . .
The phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE. Four nation-state-backed advanced persistent threats (APTs) hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in . . .
The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. The U.S. Department of Homeland Security (DHS), plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were . . .
The threat group is increasing its espionage activity in light of the current political climate and recent events in the Middle East, with two new backdoors.
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group’s latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal . . .