ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. This variant was first deployed against a Hong Kong university in February 2021 — the same university that had already been targeted by SparklingGoblinRead More…
Cybereason, recently published the new research on Operation CuckooBees, a 12 month investigation into Winnti Group’s (APT 41) global cyber espionage campaign targeting manufacturers across North America, Europe and Asia in the Defense, Energy, Aerospace, Biotech and Pharma industries.Read More…
ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malwareRead More…
ESET researchers have uncovered recent campaigns and an updated threat arsenal of the infamous APT group Donot Team (also known as APT-C-35 and SectorE02). According to research findings, the group is very persistent and has consistently targeted the same organizations for at least the last two years.Read More…
From January 20 to November 10, 2021, Kaspersky experts uncovered a new piece of malware that has targeted more than 35,000 computers across 195 countries. Dubbed “PseudoManuscrypt” for its similarities with the advanced persistent threat (APT) group Lazarus’ Manuscrypt malware,Read More…
ESET Research has uncovered a new APT group BackdoorDiplomacy that primarily targets Ministries of Foreign Affairs in the Middle East and Africa, and less frequently, telecommunication companies. Their attacks usually start by exploiting vulnerable internet-exposed applications on webservers in order to install a custom backdoor that ESET is calling Turian. Read More…
The cyber threats such as cyberespionage, ransomware and supply-chain attacks are on the rise and above all, the most formidable challenge, and foe, shared by all governments is advanced persistent threat (APT) groups. Read More…
Kaspersky Lab has uncovered infrastructure used by the well-known Russian-speaking APT group Crouching Yeti, also known as Energetic Bear, which includes compromised servers across the world.Read More…
