The APT28 threat group exploited vulnerable TP-Link and MikroTik routers to conduct adversary-in-the-middle (AitM) attacks.
The post US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking appeared first on SecurityWeek.
Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
The state-sponsored group’s campaign has targeted government, higher education, financial, and legal entities, as well as think tanks.
The post Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit appeared first on SecurityWeek.
Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury
Analysis reveals a six-month buildup of Iran-linked cyber infrastructure, including US-based shell companies, designed to weather kinetic strikes and ensure the resilience of its global hacking operations.
The post Iran Readied Cyberattack Capabilities for Response Prior to Epic Fury appeared first on SecurityWeek.
Iranian APT Hacked US Airport, Bank, Software Company
The attacks, observed since February, show that Iranian hackers already have a presence in the networks of US organizations.
The post Iranian APT Hacked US Airport, Bank, Software Company appeared first on SecurityWeek.
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability
The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler.
The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability appeared first on SecurityWeek.
Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
The post Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks appeared first on SecurityWeek.
Reporters Without Borders Targeted by Russian Hackers
The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).
The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.
Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks
APT24 has been relying on various techniques to drop the BadAudio downloader and then deploy additional payloads.
The post Chinese Cyberspies Deploy ‘BadAudio’ Malware via Supply Chain Attacks appeared first on SecurityWeek.
Russian APT Switches to New Backdoor After Malware Exposed by Researchers
Star Blizzard started using the NoRobot (BaitSwitch) and MaybeRobot (SimpleFix) malware after public reporting on the LostKeys malware.
The post Russian APT Switches to New Backdoor After Malware Exposed by Researchers appeared first on SecurityWeek.
Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware
Focused on espionage, the threat actor shares infrastructure with Chinese APTs, but uses different TTPs in attacks.
The post Chinese APT ‘Phantom Taurus’ Targeting Organizations With Net-Star Malware appeared first on SecurityWeek.
