/ Security News /

A hacking group related to a Chinese-speaking threat actor has been linked to an advanced cyberespionage campaign targeting government and military organizations in Vietnam. The attacks have been attributed with low confidence to the advanced persistent threat (APT) called Cycldek (or Goblin Panda, Hellsing, APT 27, and Conimes), which is known for using spear-phishing techniques …

/ Security News /

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to be the work of Static Kitten (aka MERCURY or MuddyWater), Anomali said the “objective of this activity is to install a remote management tool called ScreenConnect (acquired by …

This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework. See the ATT&CK for Enterprise version 8 for all referenced threat actor tactics and techniques. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises of U.S. government agencies, critical infrastructure entities, and private sector organizations by an advanced …

/ Security News /

Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority (VGCA) that compromised the agency’s digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the “SignSight” attack involved modifying software installers hosted on the CA’s website (“ca.gov.vn”) to insert a …

/ Security News /

Cybersecurity researchers today unveiled a complex and targeted espionage attack on potential government sector victims in South East Asia that they believe was carried out by a sophisticated Chinese APT group at least since 2018. “The attack has a complex and complete arsenal of droppers, backdoors and other tools involving Chinoxy backdoor, PcShare RAT and …

Summary This joint cybersecurity advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor tactics and techniques This joint cybersecurity advisory—written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA)—provides information on Russian state-sponsored advanced persistent …

/ Security News /

Intelligence agencies in the US have released information about a new variant of 12-year-old computer virus used by China’s state-sponsored hackers targeting governments, corporations, and think tanks. Named “Taidoor,” the malware has done an ‘excellent’ job of compromising systems as early as 2008, with the actors deploying it on victim networks for stealthy remote access. …

/ Security News /

The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible …

/ Security News /

As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year. According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users …

/ Security News /

Targeted ransomware attacks on banking and finance, government, healthcare, and critical infrastructure are on the rise, with the latest victim being the state government of Louisiana. The state government of Louisiana was hit by a large-scale coordinated ransomware attack yesterday, which forced the state to take several state agency servers offline, including government websites, email …