The DoJ said that Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, alongside Lithuanian Aleksandr Skorodumov and Pavel Stassi, from Estonia, operated a bulletproof host from 2009 to 2015.

Russian spies from APT29 responded to Western agencies outing their tactics by adopting a red-teaming tool to blend into targets' networks as a legitimate pentesting exercise.

Similar to how Ryuk and Conti partnered with TrickBot and Egregor and ProLock worked with QBot, the Cuba Ransomware has partnered with Hancitor to gain access to compromised networks.

Several new techniques have become available recently that give attackers an easy way to abuse legitimate Windows services and escalate low-level privileges on a system to gain full control of it.

Hackers infiltrated the systems of Rubin Central Design Bureau for Marine Engineering, a Russian submarine design firm, using a new malware called PortDoor. It is suspected that Chinese actors could be behind the attack.

According to multiple documents found by Recorded Future’s Insikt Group, Unit 61419 of the Chinese People’s Liberation Army (PLA) bought small batches of different antivirus products in early 2019.

Tick has constantly used spear-phishing and watering hole attacks to breach target systems. However, in one instance, the group has been found to leverage a zero-day vulnerability.

Researchers uncovered mischievous activities by the Naikon hacking group, which has been deploying a new backdoor against military organizations in Southeast Asia for over two years.

A financially motivated threat group, tracked as UNC2447, was spotted exploiting a previously disclosed zero-day flaw in SonicWall’s Secure Mobile Access (SMA) appliances.

Security researchers from AdvIntel discovered that Ryuk ransomware attacks are now mostly using exposed RDP connections to gain an initial foothold inside a targeted network.