What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in advanced persistent threat

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. . . . Read more

Lazarus Group Hits COVID-19 Vaccine-Maker in Espionage Attack

The nation-state actor is looking to speed up vaccine development efforts in North Korea. The advanced persistent threat (APT) known as Lazarus Group and other sophisticated nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. That’s the finding from Kaspersky researchers, who found . . . Read more

Zero-Click Apple Zero-Day Uncovered in Pegasus Spy Attack

The phones of 36 journalists were infected by four APTs, possibly linked to Saudi Arabia or the UAE. Four nation-state-backed advanced persistent threats (APTs) hacked Al Jazeera journalists, producers, anchors and executives, in an espionage attack leveraging a zero-day exploit for Apple iPhone, researchers said. The attack, carried out in . . . Read more

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

Convincing email-credentials phishing, emailed backdoors and mobile apps are all part of the groups latest effort against military and government targets. The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal . . . Read more

DeathStalker APT Spices Things Up with PowerPepper Malware

A raft of obfuscation techniques turn the heat up for the hacking-for-hire operation. The DeathStalker advanced persistent threat (APT) group has a hot new weapon: A highly stealthy backdoor that researchers have dubbed PowerPepper, used to spy on targeted systems. DeathStalker offers mercenary, espionage-for-hire services targeting the financial and legal . . . Read more

Think-Tanks Under Attack by APTs, CISA Warns

The feds have seen ongoing cyberattacks on think-tanks (bent on espionage, malware delivery and more), using phishing and VPN exploits as primary attack vectors. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a warning on what they say are persistent, continued cyberattacks by advanced persistent threat . . . Read more

Firestarter Android Malware Abuses Google Firebase Cloud Messaging

The DoNot APT threat group is leveraging the legitimate Google Firebase Cloud Messaging server as a command-and-control (C2) communication mechanism. An APT group is starting fires with a new Android malware loader, which uses a legitimate Google messaging service to bypass detection. The malware, dubbed “Firestarter,” is used by an APT . . . Read more

CactusPete APT Hones Toolset, Resurfaces with New Espionage Targets

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.