News


APT: Cooperation of Hive, Royal and Black Basta Ransomware
SophosNews

In its Clustering Attacker Behavior Reveals Hidden Patterns report, Sophos publishes new insights into connections between the most prominent ransomware groups of the past year: Hive, Black Basta and Royal. Recent attacks suggest that the three ransomware groups share playbooks or partners. As of January 2023, Sophos X-Ops had investigated four different ransomware attacks over a three-month period, one originating from Hive, two from Royal and one from Black Basta. Clear similarities between the attacks were found. Although Royal is considered a very closed group with no visible partners from underground forums...


LinkedIn: Personal data first stolen, then sold

The data of a business network is also interesting for cyber gangsters: other companies are deceived with stolen contact data and profiles, or the data is used for BEC mails (business email compromise). This is how users and companies can protect themselves. Almost everyone who is looking for a new job probably knows this situation: a headhunter writes to you on LinkedIn and the job offer sounds interesting. So you are quickly tempted to send your CV to the supposed headhunter without much thought. After all, speed is required when looking for a job. But beware! Japanese cybersecurity provider Trend…


Ukraine War: CommonMagic APT campaign expands
Kaspersky_news

Recent Kaspersky research shows that the threat actor behind the CommonMagic campaign is expanding its malicious activities, both regionally and from a technical perspective. According to the researchers, the newly discovered framework 'CloudWizard' has extended its victimology to organizations in central and western Ukraine; so far, companies in the Russian-Ukrainian war zone have been affected. In addition, Kaspersky experts were able to link the initially unknown actor to previous APT campaigns such as Operation BugDrop and Operation Groundbait (Prikormka). Back in March of this year, Kaspersky reported on a new APT campaign in the Russian-Ukrainian war zone called CommonMagic, which will use PowerMagic and CommonMagic implants...


AOK – MOVEit hack: CLOP Group issues ultimatum until June 14th 

A few days ago it became known that the MOVEit data transfer software used by the AOK had a blatant vulnerability. The BSI even registered a data leak. In the meantime, there is an ultimatum on the website of the CLOP APT group: companies affected worldwide must report by June 14 and pay a ransom for their data, otherwise everything will be published. While some experts are still arguing about who exploited and attacked the MOVEit Transfer vulnerability worldwide, the APT group released a statement on their leak page. There it is stated that a large number of companies store masses of data…


Ransomware Report: LockBit targets macOS

LockBit, currently the most active ransomware group, expanded its activities to macOS devices in April. Furthermore, vulnerabilities in the PaperCut printer software are being actively exploited. Vice Society and Play, who like to attack the education sector, have developed new methods. A brief overview of the detected threats in April. Precisely because the Mac ecosystem has traditionally been almost ransomware-free, LockBit's new macOS ransomware is a dangerous development in the threat landscape. The new actions show that LockBit continues to diversify its operations and is currently actively developing a malware for macOS…


APT group Red Stinger attacked Ukraine-KRITIS 
B2B Cyber Security ShortNews

Malwarebytes experts have named the new APT group Red Stinger. The group carried out espionage operations against Ukraine, specifically targeting KRITIS areas. Malwarebytes' threat intelligence team has released investigations into a new Advanced Persistent Threat (APT) group Red Stinger, which has been conducting espionage operations in Ukraine, some of which aimed to monitor government organizations. Attacks on Ukraine-KRITIS: Malwarebytes' investigations began as early as September 2022. Overall, attacks by the APT group were identified from the end of 2020. Newly discovered APT group targets facilities in Russian-Ukrainian conflict region...


Chinese, Russian APT groups attack Europe

The European Union is increasingly targeted by Chinese and Russian APT groups. This is shown by the current ESET APT report, which reports on the latest developments in hacker groups such as Lazarus, Mustang Panda or Ke3chang. ESET security experts are seeing increasing attacks by APT (Advanced Persistent Threat) groups with ties to China, North Korea and Russia on EU countries and organizations in these countries. With fake job offers from the aviation company Boeing, the Lazarus Group tried to steal access data from employees of a Polish armaments company. Ke3chang and Mustang Panda, players with ties to China, have also attacked European companies. As part of…


Iranian APT Group Charming Kitten Attacks US & Europe

Iranian-led APT group Charming Kitten (aka Mint Sandstorm) is behind the new BellaCiao malware campaign targeting organizations in the US, Europe, Israel, Turkey and India. New to the attack: The malware is used as hard code. In its current report, Bitdefender Labs analyzes the attack methods of the newly active malware campaign BellaCiao. The well-known Iranian Charming Kitten group uses it to initially search for vulnerabilities in an opportunistic and automated manner before launching highly sophisticated malware attacks that are tailored to the individual victims. They then attack the targets using a novel command-and-control (CC) infrastructure. Hackers can...


Hacker group from Iran with new attack methods

Security researchers have uncovered a new scam linked to the Phosphorus APT group. This hacking group has a wide range of skills, from ransomware to targeted spear phishing against high-profile individuals. Check Point Research (CPR) reports that they are on the trail of a new hacking campaign. This activity cluster was named Educated Manticore, after the manticore creature from Persian mythology, with which the security researchers want to make it clear from the name which nation they suspect is behind the campaign. Iranian state hacker groups: Sergey Shykevich, Threat Group Manager at Check Point Software…


Russia-Ukraine: APT campaign in conflict area
Kaspersky_news

A previously unknown malware in an APT campaign steals data from administrative, agricultural and transport companies in Donetsk, Luhansk and Crimea regions. The new backdoor PowerMagic and the modular framework CommonMagic are used. In October 2022, Kaspersky researchers discovered an ongoing Advanced Persistent Threat (APT) campaign targeting organizations in the Russian-Ukrainian war zone. Dubbed 'CommonMagic' by Kaspersky, the espionage campaign has been active since at least September 2021 and uses a previously unknown malware to gather data from its targets. The targets include administrative, agricultural and transport companies in the regions…
