Advanced Persistent Threats

Advanced Persistent Threats | News, how-tos, features, reviews, and videos

An anonymous hooded figure is surrounded by an abstract network of avatars.
CSO  >  malware / security threat

A group of anonymous hooded figures exist amid raining streams of binary code. [security threats]

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.

timbrown solarwinds ciso 3x2

SolarWinds CISO: Know your adversary, what they want, watch everything

The compromise of SolarWinds' Orion software changed the company's approach to security. Tim Brown shares some hard-won advice for how CISOs and software vendors should prepare for supply chain attacks.

Russian hammer and sickle / binary code

Russian cyberspies target cloud services providers and resellers to abuse delegated access

A new Microsoft advisory claims Russia's Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.

trojan horse malware virus binary by v graphix getty

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.

backdoor / abstract security circuits, locks and data blocks

APT29 targets Active Directory Federation Services with stealthy backdoor

The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.

security threats and vulnerabilities

APT actors exploit flaw in ManageEngine single sign-on solution

US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.

danger lurking in mobile binary code

How APTs become long-term lurkers: Tools and techniques of a targeted attack

A new McAfee report details the tools and techniques an APT group used to go undetected on a client network for over a year.

Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

A binary map of china.

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

A laptop displays binary code and the flag of China.

US charges four suspected Chinese spies who coordinated APT40 hackers

The government outlines how APT40 conducted its Microsoft Exchange Server attack and offers advice to defend against nation-state threats.

target threat hunting program sitting duck duck shooting gallery by roz woodward getty 2400x1600

Tips and tactics of today's cybersecurity threat hunters

Having internal threat hunting capability is becoming a necessity for many organizations. Here are the most common things they look for and how they respond to incidents.

security threats and vulnerabilities

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

FBI Flag

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.

Russian hammer and sickle / binary code

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.

succession brain sharing intellectual knowledge sharing

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.

A broken link in a digital chaing / weakness / vulnerability

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

Binary Russian flag

SolarWinds hack is a wakeup call for taking cybersecurity action

Many questions are yet to be answered as the investigation and response continues, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.

Load More
You Might Also Like