Cyberveilleby Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
14 résultats taggé APT  ✕
From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win https://www.sentinelone.com/blog/from-the-front-lines-unsigned-macos-orat-malware-gambles-for-the-win/
09/05/2022 18:58:30
QRCode
archive.org
thumbnail

Researchers looking into a new APT group targeting gambling sites with a variety of cross-platform malware recently identified a version of oRAT malware targeting macOS users and written in Go. While neither RATs nor Go malware are uncommon on any platform, including the Mac, the development of such a tool by a previously unknown APT is an interesting turn, signifying the increasing need for threat actors to address the rising occurrence of Macs among their intended targets and victims. In this post, we dig deeper into the technical details of this novel RAT to understand better how it works and how security teams can detect it in their environments.

SentinelOne EN 2022 macos oRat Go APT RAT
Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation https://www.cybereason.com/blog/operation-cuckoobees-cybereason-uncovers-massive-chinese-intellectual-property-theft-operation
06/05/2022 16:55:57
QRCode
archive.org
thumbnail

Cybereason recently an attack assessed to be the work of Chinese APT Winnti that operated undetected, siphoning intellectual property and sensitive data - the two companion reports examine the tactics and techniques of the overall campaign as well as more detailed analysis of the malware arsenal and exploits used...

cybereason 2022 EN CuckooBees Winnti APT APT41 intellectual property siphoning Theft
What does APT Activity Look Like on MacOS? https://themittenmac.com/what-does-apt-activity-look-like-on-macos/
28/04/2022 10:54:25
QRCode
archive.org
thumbnail

What does APT Activity Look Like on macOS?I often get asked what Advanced Persistent Activity (APT) or nation state hacking looks like on a macOS system. This is a great question and the answer is no

themittenmac 2021 EN APT MacOS activity
Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers https://www.zdnet.com/article/ukraine-warns-of-invisimole-attacks-tied-to-state-sponsored-russian-hackers/
21/03/2022 21:02:35
QRCode
archive.org
thumbnail

InvisiMole has been collaborating with the Gamaredon APT for years.

InvisiMole APT EN 2022 Russia state-sponsored ukraine zdnet phishing cyberwar
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups https://blog.talosintelligence.com/2022/03/iranian-supergroup-muddywater.html
10/03/2022 16:30:02
QRCode
archive.org
thumbnail

Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).

talosintelligence Iranian EN 2022 APT research MuddyWater Turkey SloughRAT RAT
Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement https://www.proofpoint.com/us/blog/threat-insight/asylum-ambuscade-state-actor-uses-compromised-private-ukrainian-military-emails
04/03/2022 09:15:27
QRCode
archive.org
thumbnail
  • Proofpoint has identified a likely nation-state sponsored phishing campaign using a possibly compromised Ukrainian armed service member’s email account to target European government personnel involved in managing the logistics of refugees fleeing Ukraine.
  • The email included a malicious macro attachment which attempted to download a Lua-based malware dubbed SunSeed.
  • The infection chain used in this campaign bears significant similarities to a historic campaign Proofpoint observed in July 2021, making it likely the same threat actor is behind both clusters of activity.
  • Proofpoint is releasing this report in an effort to balance accuracy with responsibility to disclose actionable intelligence during a time of high-tempo conflict.
APT Russia Ukraine Government Military proofpoint EN 2022 phishing refugees SunSeed
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
23/02/2022 10:13:09
QRCode
archive.org
thumbnail

Bvp47 - a Top-tier Backdoor of US NSA Equation Group

PDF Document

pangulab EN 2022 analysis NSA EquationGroup Backdoor Bvp47 APT CIA TheShadowBrokers
Chinese cyber-attackers 'targeted Taiwanese financial firms' https://www.theregister.com/2022/02/23/apt10_operation_cache_panda_taiwan/
23/02/2022 08:03:57
QRCode
archive.org
thumbnail

Operation Cache Panda went after software used by majority of industry players

theregister 2022 EN APT APT10 QuasarRAT China Taiwan
Russian hackers have obtained sensitive defense information technology by targeting US contractors, according to CISA https://www.theverge.com/2022/2/16/22937554/russian-hackers-target-us-defense-contractors-nsa-cisa
16/02/2022 19:50:58
QRCode
archive.org
thumbnail
CISA EN 2022 Russia APT information US contractors theverge defense statesponsored
Cyber-attack on ICRC: What we know https://www.icrc.org/en/document/cyber-attack-icrc-what-we-know
16/02/2022 11:21:27
QRCode
archive.org
thumbnail

Nearly a month has passed since we determined that servers hosting personal data belonging to more than 515,000 people worldwide were hacked in a sophisticated cyber-attack. We are now in a position to share some findings of our analysis of this data breach.

attack ICRC analysis APT sharing databreach
Charting TA2541's Flight https://www.proofpoint.com/us/blog/threat-insight/charting-ta2541s-flight
15/02/2022 11:43:09
QRCode
archive.org
thumbnail
TA2541 proofpoint aviation APT RAT EN transportation
Minaccia Malware prende di mira il settore dell'aviazione e dell'industria aerospaziale https://www.ictsecuritymagazine.com/notizie/minaccia-malware-prende-di-mira-il-settore-dellaviazione-e-dellindustria-aerospaziale/
15/02/2022 11:40:44
QRCode
archive.org
thumbnail

I ricercatori di Proofpoint hanno rilevato TA2541, un attore di minaccia persistente che da anni prende di mira i settori di aviazione, industria

TA2541 IT APT RAT Malware aviazione ictsecuritymagazine
Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica https://arstechnica.com/information-technology/2022/01/backdoor-for-windows-macos-and-linux-went-undetected-until-now/
15/02/2022 10:22:27
QRCode
archive.org
thumbnail

Never-before-seen, cross-platform SysJoker came from an "advanced threat actor."

Backdoor RAT EN arstechnica SysJoker APT
ModifiedElephant APT and a Decade of Fabricating Evidence https://www.sentinelone.com/labs/modifiedelephant-apt-and-a-decade-of-fabricating-evidence/
14/02/2022 08:08:29
QRCode
archive.org
thumbnail

A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.

SentinelOne EN attribution research APT ModifiedElephant
306 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn - Curated by Decio