| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| Analysis of Suspected APT Attack Activities by “Silver Fox” | July 10, 2024, 10:19 a.m. | | This document examines the recent activities of the Silver Fox cybercrime group, which has traditionally targeted financial and t… | 7 |
| Exposing Attack Operations Utilizing PyPI Against Windows, Linux and macOS Platforms | July 8, 2024, 10:50 a.m. | | The report details the APT-C-26 (Lazarus) group's recent attack campaign utilizing malicious Python packages hosted on the PyPI r… | 28 |
| espionage group targets government agencies with and more infection techniques | June 24, 2024, 8:11 a.m. | | A recently discovered threat actor, dubbed 'SneakyChef,' has been conducting an ongoing espionage campaign targeting government a… | 148 |
| FHAPPI Campaign APT10 FreeHosting APT PowerSploit Poison Ivy | June 19, 2024, 7:24 a.m. | | This analysis details a malicious campaign dubbed 'FHAPPI' by the researcher, which utilized compromised Geocities Japan accounts… | 5 |
| Keylogger Installed Using MS Office Equation Editor Vulnerability (Kimsuky) | June 13, 2024, 10:14 a.m. | | This technical analysis examines a campaign by the Kimsuky threat group that exploited a vulnerability (CVE-2017-11882) in the Mi… | 0 |
| APT Attacks Using Cloud Storage | June 11, 2024, 10:09 a.m. | | The report describes a malicious campaign where threat actors utilize cloud services like Google Drive, OneDrive, and Dropbox to … | 1 |
| SmallTiger Malware Used in Attacks Against South Korean Businesses (Kimsuky and Andariel) | June 11, 2024, 10:04 a.m. | | This report details a series of attacks targeting South Korean companies, particularly defense contractors, automobile part manuf… | 19 |
| Operation ControlPlug: Targeted attack campaign using MSC files | June 6, 2024, 2:55 p.m. | | An investigation revealed that the threat group DarkPeony, also known as Operation ControlPlug, employed a novel technique involv… | 14 |
| Hellhounds: Operation Lahat | May 28, 2024, 11:28 a.m. | | A group called Hellhounds has continued attacking Russian organizations into 2024 using various techniques to compromise infrastr… | 73 |
| Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea | May 24, 2024, 8:21 a.m. | | An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group … | 47 |
| Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages | May 24, 2024, 7:49 a.m. | | BlackBerry discovered the Pakistani-based advanced persistent threat group Transparent Tribe (APT36) targeting the Indian governm… | 97 |
| APT attack discovered using Facebook and MS management console (Attack signs detected targeting Korea and Japan) | May 21, 2024, 11:15 a.m. | | A threat actor impersonated a North Korean human rights official on Facebook and approached targets. They shared malicious URLs d… | 46 |
| Master of Puppets: Uncovering the pro-Russian influence campaign | May 21, 2024, 8:22 a.m. | | The DoppelGänger campaign is an ongoing influence operation attributed to Russian entities Structura and the Social Design Agency… | 588 |
| Analysis of APT attack cases targeting domestic companies using Dora RAT (Andariel Group) | May 20, 2024, 10:20 a.m. | | AhnLab Security Intelligence Center (ASEC) recently confirmed that the Andariel group carried out APT attacks on domestic compani… | 10 |
| Deserialization of VIEWSTATE: how an “unpatched” vulnerability plays into the hands of pro-government groups | May 20, 2024, 10:05 a.m. | | At the end of 2023, the Solar 4RAYS team was investigating an attack on a Russian telecom company by an Asian advanced persistent… | 9 |
| To the Moon and back(doors): Lunar landing in diplomatic missions | May 16, 2024, 9:35 a.m. | | ESET researchers discovered two previously unknown backdoors – LunarWeb and LunarMail – compromising a European ministry of forei… | 12 |
| The Overlapping Cyber Strategies Of Transparent Tribe And SideCopy Against India | May 15, 2024, 3:16 p.m. | | CRIL's analysis revealed SideCopy APT group's sophisticated malware campaign, employing malicious LNK files and a complex infecti… | 21 |
| Untangling Iran's APT42 Operations | May 3, 2024, 9:36 a.m. | | APT42, an Iranian state-sponsored cyber espionage actor, is using enhanced social engineering schemes to gain access to victim ne… | 160 |
| Analysis of APT Group's Use of Malicious LNK Files to Deliver RokRat Attack | April 29, 2024, 6:40 p.m. | | The report details a recent cyber attack campaign by the APT-C-28 (ScarCruft) group, known for targeting organizations in Korea a… | 3 |
| Uncorking Old Wine: Zero-Day from 2017 + Loader in Unholy Alliance | April 29, 2024, 5:51 p.m. | | An analysis uncovered a suspected malicious campaign targeting entities in Ukraine. The attack employed an old vulnerability from… | 6 |