Group pleads guilty to running bulletproof hosting service for criminal gangs, malware payloads

The DoJ said that Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, alongside Lithuanian Aleksandr Skorodumov and Pavel Stassi, from Estonia, operated a bulletproof host from 2009 to 2015.

Russian cyber-spies changed tactics after the UK and US outed their techniques – so here's a list of those changes

Russian spies from APT29 responded to Western agencies outing their tactics by adopting a red-teaming tool to blend into targets' networks as a legitimate pentesting exercise.

Cuba Ransomware Partners with Hancitor Spam Operators to Infiltrate Corporate Networks

Similar to how Ryuk and Conti partnered with TrickBot and Egregor and ProLock worked with QBot, the Cuba Ransomware has partnered with Hancitor to gain access to compromised networks.

New Techniques Emerge for Abusing Windows Services to Gain System Control

Several new techniques have become available recently that give attackers an easy way to abuse legitimate Windows services and escalate low-level privileges on a system to gain full control of it.

Chinese APT Groups Targeting Russian Defense Contractors

Hackers infiltrated the systems of Rubin Central Design Bureau for Marine Engineering, a Russian submarine design firm, using a new malware called PortDoor. It is suspected that Chinese actors could be behind the attack.

Chinese military unit accused of cyber-espionage bought multiple western antivirus products

According to multiple documents found by Recorded Future’s Insikt Group, Unit 61419 of the Chinese People’s Liberation Army (PLA) bought small batches of different antivirus products in early 2019.

Japanese Organizations Hacked: Tick is the Culprit

Tick has constantly used spear-phishing and watering hole attacks to breach target systems. However, in one instance, the group has been found to leverage a zero-day vulnerability.

Naikon APT Group is Now Using Nebulae Backdoor

Researchers uncovered mischievous activities by the Naikon hacking group, which has been deploying a new backdoor against military organizations in Southeast Asia for over two years.

UNC2447 Exploiting SonicWall Zero-day to Breach Networks

A financially motivated threat group, tracked as UNC2447, was spotted exploiting a previously disclosed zero-day flaw in SonicWall’s Secure Mobile Access (SMA) appliances.

Ryuk Ransomware Operators have Updated their Attack Techniques

Security researchers from AdvIntel discovered that Ryuk ransomware attacks are now mostly using exposed RDP connections to gain an initial foothold inside a targeted network.
