Earth Krahang APT Exploits Intergovernmental Trust to Launch Cross-Government Attacks

The APT campaign targets several government entities worldwide, with a strong focus on Southeast Asia, and has also been seen targeting Europe, America, and Africa. It exploits public-facing servers and sends spear-phishing emails to deliver backdoors.

Lazarus Group Hackers Appear to Return to Tornado Cash for Money Laundering

North Korea’s Lazarus hacking group has reportedly used the Tornado Cash mixing service to launder $23 million stolen during a November 2023 cyberattack on the HTX cryptocurrency exchange.

RedCurl Group Leverages Windows Component for Cyber Espionage

The attack chain involves phishing emails with malicious attachments, the use of curl and Program Compatibility Assistant (PCA) in Windows to deliver and execute malicious payloads, and unauthorized command execution using Impacket.

Ransomware Talent Surges to Akira After LockBit's Demise

These skilled cybercriminals, referred to as "pentesters," specialize in exploiting vulnerabilities in Cisco devices and outdated VMware ESXi virtual machines, and in tricking victims into installing remote monitoring and management software.

Muddled Libra Threat Group Abuses Pentesting Tools to Infiltrate Networks

Muddled Libra threat actors leverage pentesting tools to identify vulnerabilities in target systems and networks, enabling them to exploit security gaps and gain unauthorized access.

Incognito Darknet Market Mass-Extorts Buyers, Sellers

The darknet narcotics market Incognito Market is extorting its vendors and buyers by threatening to publish their cryptocurrency transaction and chat records if they refuse to pay a fee.

Iran-Linked ‘Lord Nemesis’ Group Appears Intent on Intimidating Israeli Organizations, Report Says

An Iranian state-backed hacking group, known as Lord Nemesis, targeted an Israeli academic administration software company called Rashim Software. The attackers used their access to infiltrate several of the company's clients.

Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities

Magnet Goblin is a financially motivated threat actor that rapidly exploits 1-day vulnerabilities in public-facing services to initiate attacks. This actor has targeted Ivanti, Magento, Qlik Sense, and possibly Apache ActiveMQ.

Microsoft Says Russian Hackers Stole Source Code After Spying on Its Executives

Microsoft is facing an ongoing attack from a Russian state-sponsored threat actor that stole data from senior-level executives and is attempting to gain unauthorized access to the company's systems.

China-Linked Evasive Panda APT Leverages Monlam Festival to Target Tibetans

The attacks involved compromising websites, such as the Kagyu International Monlam Trust's website, to specifically target users in India, Taiwan, Hong Kong, Australia, and the U.S.
