What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in apt

Microsoft rushes out fixes for four zero‑day flaws in Exchange Server

At least one vulnerability is being exploited by multiple cyberespionage groups to attacks targets mainly in the US, per ESET telemetry Microsoft has rushed out emergency updates to address four zero-day flaws affecting Microsoft Exchange Server versions 2013, 2016, and 2019. Threat actors have been observed exploiting the vulnerabilities in . . . Read more

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. . . . Read more

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which . . . Read more

Major Gaming Companies Hit with Ransomware Linked to APT27

Researchers say a recent attack targeting videogaming developers has ‘strong links’ to the infamous APT27 threat group. A recent slew of related ransomware attacks on top videogame companies has been associated with the notorious Chinese-linked APT27 threat group, suggesting that the advanced persistent threat (APT) is swapping up its historically . . . Read more

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . . Read more

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

The phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE. Four nation-state-backed advanced persistent threats (APTs) hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in . . . Read more

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report

The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. The U.S. Department of Homeland Security (DHS), plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were . . . Read more

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal . . . Read more