Data from a Chinese cybersecurity vendor that works for the Chinese government exposed a range of hacking tools and services.
Tag: APT
FBI and CISA publish guide to Living off the Land techniques
FBI and CISA have produced guidance about Chinese APT group Volt Typhoon and other groups that use Living off the Land (LOTL) techniques.
CISA issues alert with South Korean government about DPRK’s ransomware antics
CISA and other federal agencies were joined by the National Intelligence Service (NIS) and the Defense Security Agency of the Republic…
APT broke into a federal agency using Log4Shell
In a joint cybersecurity advisory, two US federal agencies have revealed that an attacker sponsored by the Iranian government broke into…
Chinese APT’s favorite vulnerabilities revealed
In a joint cybersecurity advisory, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau…
Winnti APT group docks in Sri Lanka for new campaign
In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat actors…
Woody RAT: A new feature-rich malware spotted in the wild
This blog post was authored by Ankur Saini and Hossein Jazi The Malwarebytes Threat Intelligence team has identified a new Remote…
North Korean APT targets US healthcare sector with Maui ransomware
State-sponsored North Korean threat actors have been targeting the US Healthcare and Public Health (HPH) sector for the past year using…
Immigration organisations targeted by APT group Evilnum
Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat (APT) attacks. Bleeping Computer…
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
Microsoft has warned that “multiple adversaries and nation-state actors” are making use of the recent Atlassian Confluence RCE vulnerability. A fix…