North Korea allegedly targeting crypto businesses with Mac-focused malware
Category Details Threat Actors BlueNoroff, a subgroup of Lazarus, attributed to North Korea's Reconnaissance General Bureau (RGB). Campaign Overview "Hidden…
HrServ – Previously unknown web shell used in APT attack
Category Details Threat Actors Unknown threat actor; possibly a non-native English speaker; potential connection to Traditional Chinese language…
Threat actor abuses Gophish to deliver new PowerRAT and DCRAT
Category Details Threat Actors Unknown threat actor Campaign Overview Phishing campaign using Gophish toolkit; delivers…
EastWind campaign: new CloudSorcerer attacks on government organizations in Russia
Category Details Threat Actors APT31, APT27 Campaign Overview Targeted Russian government organizations and IT companies…
China-linked hackers tasked with Japanese targets pursue them through Europe
Category Details Threat Actors MirrorFace, a China-linked hacking group. Campaign Overview Expansion of operations to…
OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe
Category Details Threat Actors Transparent Tribe (APT36), Pakistan-based, active since at least 2013. Known for…
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware
Category Details Threat Actors Not currently attributed to a specific threat actor. Infrastructure overlaps with…
Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files
Section Details Threat Actors - Midnight Blizzard (also known as APT29, UNC2452, Cozy Bear) - Attributed to the…
Stonefly: Extortion Attacks Continue Against U.S. Targets
Category Details Threat Actors - Stonefly group (also known as Andariel, APT45, Silent Chollima, Onyx Sleet) - A…
Bulbature, beneath the waves of GobRAT
Category Details Threat Actors Likely Chinese origin, as inferred from traces and victimology Campaign Overview…