The widespread compromise affecting key government agencies is ongoing, according to the U.S. government. The U.S. government has identified Russia as the “likely” culprit behind the widespread SolarWinds cyberattack that has so far affected multiple federal agencies and private-sector companies. Cyberespionage is cited as the motivation behind the attack, which . . .
The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . .
The ongoing, growing campaign is “effectively an attack on the United States and its government and other critical institutions,” Microsoft warned. Microsoft has become the latest victim of the ever-widening SolarWinds-driven cyberattack that has impacted rafts of federal agencies and tech targets. Its president, Brad Smith, warned late Thursday to . . .
The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. The U.S. Department of Homeland Security (DHS), plus the Treasury and Commerce departments, have been hacked in an attack related to the FireEye compromise last week, according to reports. In addition, defense contractors and enterprises were . . .
Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the group’s latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal . . .
A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation. The DeathStalker advanced persistent threat (APT) group has a hot new weapon: A highly stealthy backdoor that researchers have dubbed PowerPepper, used to spy on targeted systems. DeathStalker offers mercenary, espionage-for-hire services targeting the financial and legal . . .
The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a warning on what they say are persistent, continued cyberattacks by advanced persistent threat . . .
In a recent cyberattack against an E.U. country’s Ministry of Foreign Affairs, the Crutch backdoor leveraged Dropbox to exfiltrate sensitive documents.
Turla has outfitted a trio of backdoors with new C2 tricks and increased interop, as seen in an attack on a European government.
The Kimsuky/Hidden Cobra APT is going after the commercial sector, according to CISA. The North Korean advanced persistent threat (APT) group known as Kimsuky is actively attacking commercial-sector businesses, often by posing as South Korean reporters, according to an alert from the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Kimsuky . . .