Advanced Persistent Threats
Advanced Persistent Threats | News, how-tos, features, reviews, and videos
New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants
Alchimist is easy to deploy and gives attackers a large suite of functionalities with which they can wreak havoc.
China’s attack motivations, tactics, and how CISOs can mitigate threats
A Booz Allen Hamilton report outlines global cyberthreats posed by the People’s Republic of China and gives some guidance on how to counter them.
North Korea’s Lazarus group uses vulnerable Dell driver to blind security solutions
This first known exploit of the Dell vulnerability might inspire other malware developers who want to avoid detection of their code.
Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors
A possibly new threat actor packaged and deployed backdoors as vSphere Installation Bundles, gaining remote code execution and persistence capabilities.
UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia
UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure.
International cooperation is key to fighting threat actors and cybercrime
Western intelligence and national security leaders emphasize the importance of collaborating to better prepare and respond to cybersecurity threats.
US government indicts Iranian nationals for ransomware and other cybercrimes
The Department of Justice and FBI claim three Iranian citizens conducted a global cybercrime operation while separately the US Treasury sanctions Iran.
![CSO: Have you met these hackers? [slide 04]](https://images.idgesg.net/images/article/2018/04/cso_ss_hacker_types_slide_04_spy_by_david_sinclair_cc0_via_unsplash__binary_code_by_gettyimages_petmal-100755728-small.3x2.jpg?auto=webp&quality=85,70)
Iranian cyberspies use multi-persona impersonation in phishing threads
Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset
Lazarus has used the new remote access Trojan in campaigns that exploit the Log4Shell vulnerability and target energy companies.
Chinese APT group uses multiple backdoors in attacks on military and research organizations
The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.
July was a hot month for cybersecurity research
Malware-laden Google Play apps, a Russian hijack of cloud storage services, and “flaws” that aren’t really flaws in the Okta platform all made for interesting security research this month.
Cyberespionage groups increasingly target journalists and media organizations
State-affiliated APT groups seek sensitive information and try to learn story sources by targeting journalists' email and social media accounts.
Feds wave red flag over Maui ransomware
Malware with manual twist and North Korean connection poses threat to healthcare providers.
U.S. and UK warn local governments, businesses of China's influence operations
China uses personal, business and political relationships to gather information and influence actions. U.S. and UK government agencies urge caution.
Attacker groups adopt new penetration testing tool Brute Ratel
APT group's use of a legitimate pen-testing tool gives them stealth capabilities, allowing them to avoid detection by EDR and antivirus tools.
APT campaign targeting SOHO routers highlights risks to remote workers
The ZuoRAT remote access Trojan malware can compromise multiple router brands and likely has been active for years.
![A multitude of arrows pierce a target. [numerous attacks / quantity / severity]](https://images.idgesg.net/images/article/2020/12/arrows_piercing_a_target_numerous_attacks_quantity_by_franck_v_cc0_via_unsplash-100869381-small.3x2.jpg?auto=webp&quality=85,70)
APT actor ToddyCat hits government and military targets in Europe and Asia
The previously undocumented APT group has been targeting high-profile organizations in Asia and Europe for over a year.
China's cyber espionage focus: intellectual property theft
The recently uncovered Operation CuckooBees campaign shows how serious China is about using IP theft as a competitive advantage. Protect IP now or chase it later.