Mur d'images - Cyberveille

curated by Decio

TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks

Threat Hunting Case Study: Uncovering Turla | Intel 471

Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

China-linked APT group Salt Typhoon compromised some US ISPs

Chinese APT Abuses VSCode to Target Government in Asia

CloudSorcerer APT uses cloud services and GitHub as C2 | Securelist

Chinese Cyberspies Employ Ransomware in Attacks for Diversion

Russian hackers use new Lunar malware to breach a European govt's agencies

To the Moon and back(doors): Lunar landing in diplomatic missions

Hacker free-for-all fights for control of home and office routers everywhere

The Updated APT Playbook: Tales from the Kimsuky threat actor group | Rapid7 Blog

Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa

Triangulation: validators, post-compromise activity and modules | Securelist

The New Frontline of Geopolitics | Understanding the Rise of State-Sponsored Cyber Attacks

JumpCloud says 'nation state' gang hit some customers

[Security Update] Incident Details

NCSC marks 20th anniversary of first response to state-sponsored cyber attack

Dissecting TriangleDB, a Triangulation spyware implant

Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020

Winter Vivern | Uncovering a Wave of Global Espionage

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack | Securelist

Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting

Uncle Sow: Dark Caracal in Latin America

DNS changer in malicious mobile app used by Roaming Mantis

ZINC weaponizing open-source software - Microsoft Security Blog

ZetaNile: Open source software trojans from North Korea

Raspberry Robin Malware Targets Telecom, Governments

Unmasking WindTape - Speaker Deck

LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company

POLONIUM targets Israel with Creepy malware

Charming Kitten: “Can We Have A Meeting?”

Kimsuky’s GoldDragon cluster and its C2 operations | Securelist

Justice Department seizes $500K from North Korean hackers who targeted US medical organizations

China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors

Why the Equation Group (EQGRP) is NOT the NSA | xorl %eax, %eax

The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact

APT ToddyCat

BRATA is evolving into an Advanced Persistent Threat

Lyceum .NET DNS Backdoor

From the Front Lines | Unsigned macOS oRAT Malware Gambles For The Win

Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation

What does APT Activity Look Like on MacOS?

Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers

Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups

Asylum Ambuscade: State Actor Uses Compromised Private Ukrainian Military Emails to Target European Governments and Refugee Movement

The Bvp47 - a Top-tier Backdoor of US NSA Equation Group

Chinese cyber-attackers 'targeted Taiwanese financial firms'

Russian hackers have obtained sensitive defense information technology by targeting US contractors, according to CISA

Cyber-attack on ICRC: What we know

Charting TA2541's Flight

Minaccia Malware prende di mira il settore dell'aviazione e dell'industria aerospaziale

Backdoor RAT for Windows, macOS, and Linux went undetected until now | Ars Technica

ModifiedElephant APT and a Decade of Fabricating Evidence