Cybercriminals Exploit Traditional Mail to Target Android Users The rise of cybercrime has introduced a bizarre twist to conventional means of communication, as nefarious actors are now leveraging traditional postal services, commonly referred to as “Snail Mail,” to distribute malware aimed at Android smartphones. The Swiss National Cyber Security Center…
T-Mobile Confirms Data Breach as Cybersecurity Threats Loom In a recent development that underscores ongoing vulnerabilities in the cybersecurity landscape, T-Mobile has confirmed a data breach affecting its systems. The incident highlights the increasing challenges businesses face in safeguarding sensitive information against increasingly sophisticated cybercriminal tactics. The breach reportedly involves…
Cyber Threats in Google Searches: Understanding Risks and Safeguards Google has revolutionized the way we gather information, seamlessly integrating into our everyday lives. From quickly finding directions to researching complex topics, Google’s search engine has become indispensable. However, the ease of access to information comes with a hidden risk: the…
BlueBravo Deploys GraphicalProton Backdoor Targeting European Diplomatic Entities On July 28, 2023, reports emerged detailing a sophisticated cyber espionage campaign orchestrated by the Russian state-sponsored group known as BlueBravo. This threat actor has turned its focus towards diplomatic institutions located in Eastern Europe, utilizing a newly developed backdoor named GraphicalProton.…
STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents
July 28, 2023
Cyber Attack / Malware
A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.
STARK#MULE Targets Koreans with U.S. Military-Themed Document Lures In a notable development in cyber threats, a new campaign has emerged targeting Korean-speaking individuals through the use of U.S. military-themed documents designed to deliver malware. Cybersecurity experts from Securonix have named the campaign STARK#MULE and are actively monitoring its activities. While…
STARK#MULE Cyber Campaign Targets Korean Speakers with U.S. Military-Themed Malware Documents
July 28, 2023
Cyber Attack / Malware
A persistent cyber attack campaign identified as STARK#MULE is aimed at Korean-speaking individuals, using U.S. Military-themed documents to lure victims into executing malware on compromised systems. Cybersecurity firm Securonix has been monitoring this activity, though the full extent of the attacks remains unclear and it is unknown if any of them have successfully compromised systems. Security researchers Den Iuzvyk, Tim Peck, and Oleg Kolesnikov noted in a report shared with The Hacker News that these attacks are reminiscent of previous ones linked to North Korean groups like APT37, which has historically targeted South Korea, particularly its government officials. APT37, also known by various aliases including Nickel Foxcroft, Reaper, Ricochet Chollima, and ScarCruft, is recognized as a North Korean state-sponsored actor focused on southern targets.
Researchers Uncover Cyber Campaign by Space Pirates Targeting Organizations in Russia and Serbia
August 1, 2023
Cyber Attack / Malware
The cyber threat group known as Space Pirates has been implicated in attacks on at least 16 organizations across Russia and Serbia in the past year, utilizing innovative tactics and expanding their cyber arsenal. According to a detailed report from Positive Technologies released last week, the group’s primary objectives remain espionage and the theft of sensitive information, but they have broadened both their targets and geographical reach. The affected entities include government agencies, educational institutions, private security firms, aerospace manufacturers, agricultural producers, and companies in the defense, energy, and healthcare sectors. Space Pirates was initially identified by Positive Technologies in May 2022, specifically for its attacks on the aerospace industry in Russia. The group is believed to have been active since at least late 2019 and is linked to another cyber adversary tracked by Symantec under the name Webworm. Positive Technologies’ investigation into these attacks reveals further insights into the group’s methods and targets.
Space Pirates’ Cyber Operations Targeting Organizations in Russia and Serbia Unveiled In a troubling revelation, researchers from Positive Technologies have identified a series of cyber attacks conducted by a threat actor known as Space Pirates, targeting at least 16 organizations in Russia and Serbia throughout the past year. This group…
Researchers Uncover Cyber Campaign by Space Pirates Targeting Organizations in Russia and Serbia
August 1, 2023
Cyber Attack / Malware
The cyber threat group known as Space Pirates has been implicated in attacks on at least 16 organizations across Russia and Serbia in the past year, utilizing innovative tactics and expanding their cyber arsenal. According to a detailed report from Positive Technologies released last week, the group’s primary objectives remain espionage and the theft of sensitive information, but they have broadened both their targets and geographical reach. The affected entities include government agencies, educational institutions, private security firms, aerospace manufacturers, agricultural producers, and companies in the defense, energy, and healthcare sectors. Space Pirates was initially identified by Positive Technologies in May 2022, specifically for its attacks on the aerospace industry in Russia. The group is believed to have been active since at least late 2019 and is linked to another cyber adversary tracked by Symantec under the name Webworm. Positive Technologies’ investigation into these attacks reveals further insights into the group’s methods and targets.
The recent emergence of the malware known as ToxicPanda has raised alarms particularly among Android users. This malicious software, which is primarily aimed at extracting sensitive financial information, notably bank account details, has garnered attention for its deceptive tactics. ToxicPanda masquerades as legitimate applications, making it challenging for users to…
The Rise of IoT-Driven DDoS Attacks: A Growing Threat to Security The Internet of Things (IoT) is significantly reshaping operational efficiencies across various industries, including healthcare and logistics. However, its rapid proliferation is accompanied by escalating security risks, particularly in the form of IoT-driven Distributed Denial-of-Service (DDoS) attacks. This phenomenon…
Phishing Attack Uncovered Using Fake CAPTCHA to Execute Malicious Scripts In a recent security analysis by ANY.RUN, an interactive malware analysis platform, a sophisticated phishing campaign has been identified that utilizes deceptive fake CAPTCHA prompts to lure victims into executing harmful scripts on their systems. This evolving threat exemplifies the…
