Happy Monday! This week, DarkOwl analysts dive into: Hamas-Affiliated Threat Actor Targets Israeli Entities With Wiper Malware; Iran-Linked TA455 Distributes SnailResin Malware; Researchers Identify New Ransomware Family “Ymir”; Former Government Employee Charged For Leaking U.S. Intelligence Documents; DOJ Indicts Snowflake Hackers #threatintelligence #OSINT #cybernews
DarkOwl's posts
Most relevant posts
-
The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. https://lnkd.in/gBU35MH2
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
thehackernews.com
-
ISPs and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. https://lnkd.in/gCeBReKt
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities
thehackernews.com
-
Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both BoneSpy and PlainGnome collect data such as SMS messages, call logs, phone call audio, photos from device cameras, device location, and contact lists." Gamaredon, also called Aqua Blizzard, Armageddon, BlueAlpha, Hive0051, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, UAC-0010, UNC530, and Winterflounder, is a hacking group affiliated with Russia's Federal Security Service (FSB).
Stay Connected to Sidharth Sharma, CPA, CISA, CISM, CFE, CDPSE for content related to Cyber Security. #CyberSecurity #JPMC #Technology #InfoSec #DataProtection #DataPrivacy #ThreatIntelligence #CyberThreats #NetworkSecurity #CyberDefense #SecurityAwareness #ITSecurity #SecuritySolutions #CyberResilience #DigitalSecurity #SecurityBestPractices #CyberRisk #SecurityOperations
Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
thehackernews.com
-
A "multi-month law enforcement operation" is to be launched by the FBI to combat a malware called PlugX which was developed by Mustang Panda, a hacker group reportedly employed by the Chinese government. The malware was modified in 2020 to spread through devices via connected USB flash drives creating a wide-ranging hack and long-term infection of thousands of Windows-based computers, including many home computers in the United States. According to the Justice Department and the FBI, this malware has been used to hack computers in at least 170 countries, giving the hackers considerable access to international communications that targeted American, European, and Asian governments and businesses since 2014. #mustangpanda #plugx #fbi #usdoj #mswindows #cybersecurity #securityoperations #securityoperationscenter #SOC #infosec #informationsecurity #informationtechnology #IT #cyberattack #cyberbreach #databreach #dataleak #malware #ransomware #DDoS #phishing #networksecurity #networkforensics #NDR #networkdetectionandresponse #internetoutage #networkmonitoring Read more: https://lnkd.in/eWnpeXaa
FBI reveals major malware attack from China group "Mustang Panda"
newsweek.com
-
Interesting to reverse engineer these types of malware to see how technology is evolving in the creation of malware.
Chinese hackers are increasingly deploying ransomware, researchers say
https://cyberscoop.com
-
Russian hacker group Turla exploits Afghan government networks. They're leveraging existing breaches by Storm-0156 to deploy custom malware like TwoDash and Statuezy. #Turla #Storm0156 #TwoDash #Statuezy #ThreatIntelligence #CyberSecurity
Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities
thehackernews.com
-
APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP. Targeting governments and armed forces, think tanks, academic researchers, and Ukrainian entities. Gist: A victim of this technique would give partial control of their machine to the attacker, potentially leading to data leakage and malware installation. Source: https://lnkd.in/gY-d2JKf #cybersecurity
APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP
thehackernews.com
-
DOJ deletes China-linked PlugX malware off more than 4,200 US computers
China-backed hackers using the PlugX malware have been purged from thousands of U.S. computers by an FBI and Justice Department joint operation in cooperation with French authorities and cybersecurity firm Sekoia.io. The operation, authorized by a court order in the Eastern District of Pennsylvania, removed the malware—which Chinese state-sponsored group Mustang Panda had used to infect and control devices, steal data, and gain access to disconnected networks—without affecting the devices' legitimate functions.
DOJ deletes China-linked PlugX malware off more than 4,200 US computers
therecord.media
-
TGIF, Experts at Mandiant attributed exploitation of the bug to China-based hackers because the malware seen in attacks has only ever been used by Chinese campaigns exploiting Ivanti Connect Secure appliances. #APT #Vulnerability #Exploit #DevSecOps #Infosec #cyberwar #Patch
Chinese spies targeting new Ivanti vulnerability, Mandiant says
therecord.media