A recent malware campaign has been uncovered, targeting South Korean organizations, specifically attributed to the North Korean hacking group Andariel. This development highlights the ongoing evolution of tactics employed by state-sponsored actors, particularly within the Lazarus Group, which has been consistently adapting its methodologies to enhance operational effectiveness. Kaspersky, a…
Recent investigations by Russian cybersecurity firm Kaspersky have unveiled that a hacking group suspected of having links to Iran has been exploiting instant messaging and VPN applications like Telegram and Psiphon since at least 2015. These tools are being utilized to deploy a Windows remote access trojan (RAT), which can…
A persistent brute-force attack campaign, believed to be orchestrated by Russian military intelligence, has targeted enterprise cloud environments since mid-2019. This information is detailed in a joint advisory released by intelligence agencies in both the United States and the United Kingdom. The National Security Agency (NSA), Cybersecurity and Infrastructure Security…
Recent investigations have unveiled a robust cyber campaign that initially targeted Myanmar but has since expanded its reach to include numerous organizations in the Philippines. This heightened activity was reported by Russian cybersecurity firm Kaspersky, which first detected these infections back in October 2020. Kaspersky associates this malicious activity with…
New Malware Uncovered Linked to Nobelium’s Supply Chain Attacks On Wednesday, cybersecurity researchers unveiled a previously unreported backdoor likely developed by Nobelium, the advanced persistent threat group responsible for last year’s SolarWinds supply chain attack. This latest malware, codenamed “Tomiris” by Kaspersky, further expands an arsenal of hacking tools employed…
The Lazarus Group, an advanced persistent threat (APT) linked to the North Korean government, has initiated two distinct supply chain attack campaigns aimed at infiltrating corporate networks and exploiting various downstream entities. Recent intelligence indicates that this group utilized the MATA malware framework along with backdoors known as BLINDINGCAN and…
Recent investigations have unveiled that a state-sponsored threat actor believed to have ties to Iran has conducted a series of targeted cyberattacks against internet service providers (ISPs) and telecommunications operators in countries such as Israel, Morocco, Tunisia, and Saudi Arabia. Additionally, a ministry of foreign affairs in Africa was also…
Recent Cyber Surveillance Attacks Target North Korean Defectors and Journalists In a disturbing development, advanced persistent threats (APTs) linked to nation-state actors have launched a series of highly-targeted surveillance attacks against North Korean defectors, journalists covering North Korea, and associated organizations based in South Korea. Reports from Russian cybersecurity firm…
Stealth Malware Campaign Targets Middle Eastern Entities A sophisticated malware campaign has been uncovered, targeting government bodies, military organizations, law firms, and financial institutions predominantly in the Middle East. Initiated as early as 2019, the campaign leverages malicious Microsoft Excel and Word documents to infiltrate victim networks. Kaspersky, a Russian…
