Advanced Persistent Threats

Advanced Persistent Threats | News, how-tos, features, reviews, and videos


Threat hunters expose novel IceApple attack framework

Suspected state-sponsored threat actor uses IceApple to target technology, academic and government sectors with deceptive software.


Stealthy Linux implant BPFdoor compromised organizations globally for years

The China-linked backdoor takes advantage of the Berkeley Packet Filter on Unix systems to hide its presence.


Chinese APT group Mustang Panda targets European and Russian organizations

Latest campaigns by Mustang Panda highlight the threat actor's versatility in terms of the tools and techniques it is able to use.


Chinese APT group Winnti stole trade secrets in years-long undetected campaign

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection.


New Five Eyes alert warns of Russian threats targeting critical infrastructure

The alert provides detailed information on Russian government and state-sponsored cybercriminal groups as well as guidance for reducing risk.


Spyware was used against Catalan targets and UK prime minister and Foreign Office

Researchers at the Citizen Lab say dozens of officials' phones were compromised by spyware sold by NSO Group or Candiru.


What is the cyber kill chain? A model for tracing cyberattacks

The cyber kill chain describes the phases of a targeted cyberattack where defenders can identify and stop it.


FBI active defense measure removes malware from privately owned firewalls

The action targeted devices infected by the Cyclops Blink malware, believed to have been developed by Russia's Sandworm group.


New threat group underscores mounting concerns over Russian cyber threats

Crowdstrike says Ember Bear is likely responsible for the wiper attack against Ukrainian networks and that future Russian cyberattacks might target the West.


US charges Russian government agents for cyberattacks on critical infrastructure

Two sets of attacks used Triton and Havex malware to infiltrate industrial control systems at energy organizations in the US and abroad.


ShadowPad has become the RAT of choice for several state-sponsored Chinese APTs

New research links the ShadowPad remote-access Trojan to China's Ministry of State Security and the People's Liberation Army.


Russia’s offensive cyber actions should be a cause for concern for CISOs

Recent cyber attacks against Western entities operating in Ukraine aim to disrupt or conduct espionage. CISOs should be wary of such attacks expanding beyond the Ukrainian border.


Savvy cryptomining malware campaign targets Asian cloud service providers

Sophisticated techniques deployed by CoinStomp gang use cloud service providers to mine cryptocurrency.


Iranian APT group uses previously undocumented Trojan for destructive access to organizations

The Moses Staff group's main target is Israel, but it has recently launched attacks on organizations in other countries, including India, Germany and the U.S.


MoonBounce UEFI implant used by spy group brings firmware security into spotlight

The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.


Cybercrime group Elephant Beetle lurks inside networks for months

Elephant Beetle specializes in stealing money from financial and commerce firms over an extended period of time while remaining undetected.


Malware variability explained: Changing behavior for stealth and persistence

More malware is designed to be variable, choosing which computers to infect or even the type of attack to execute.


Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.
