Tag: government targets

3 Attack Reports | 0 Vulnerabilities

Attack reports

Cyber Espionage Operation Expanding from Central Asia

An active cyber-espionage campaign by UAC-0063 is targeting organizations in Central Asia and Europe, including government entities and diplomatic missions. The group exploits previously compromised victims by weaponizing exfiltrated documents to deliver HATVIBE malware. They use sophisticated tool…
government targets
cyber-espionage
central asia
hatvibe
2025-01-29
downexpyer
weaponized documents
pyplunderplug
logpie
Published: January 29, 2025
Downloadable IOCs: 0

New Star Blizzard spear-phishing campaign targets WhatsApp accounts

Star Blizzard, a Russian threat actor, has launched a new spear-phishing campaign targeting WhatsApp accounts. The campaign, observed in mid-November 2024, marks a shift in the actor's tactics. Targets include government officials, diplomats, and researchers focused on Russia-related topics. The at…
social engineering
whatsapp
credential theft
government targets
spear-phishing
2025-01-17
diplomacy targets
qr code
russian threat actor
Published: January 17, 2025
Downloadable IOCs: 2

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

Between April and July 2024, Iranian state-sponsored threat actor Peach Sandstorm deployed a new custom multi-stage backdoor called Tickler. The malware targeted organizations in the satellite, communications equipment, oil and gas, and government sectors in the United States and UAE. Peach Sandsto…
backdoor
2024-08-30
azure abuse
password spray
satellite sector
government targets
tickler
linkedin intelligence gathering
tickler malware
iranian threat actor
Published: August 30, 2024
Downloadable IOCs: 9
Click here to see more Attack Reports