NSFOCUS Honored as a Representative Vendor in Gartner’s 2024 Market Guide for Security Threat Intelligence Products and Services
agosto 21, 2024
SANTA CLARA, Calif., August 21, 2024 – We are thrilled to announce that NSFOCUS has been recognized for the fourth consecutive year in Gartner’s esteemed 2024 Market Guide for Security Threat Intelligence Products and Services. This accolade is a testament to our enduring commitment to delivering advanced threat intelligence solutions that safeguard our clients against […]
New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
agosto 8, 2024
Overview Leveraging NSFOCUS’s Global Threat Hunting System, NSFOCUS Security Labs (NSL) captured an attack campaign targeting Azerbaijan and Israel on July 1, 2024. By analyzing the tactics, attack vectors, weapons, and infrastructure of the attack in this incident, it was found that the exposed attack characteristics have no direct connection with known APT groups. Therefore, […]
TransparentTribe’s Spear-Phishing Targeting Indian Government Departments
julho 24, 2024
Overview Leveraging our global threat hunting system, NSFOCUS Security Research Labs discovered spear-phishing email attacks by the APT group TransparentTribe targeting Indian government departments on February 2, 2024. The timing of these attacks coincides with the presidential election in India, scheduled for April-May of this year, and the bait documents are related to the “President’s […]
The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits
novembro 10, 2023
Overview In 2022, NSFOCUS Research Labs revealed a large-scale APT attack campaign called DarkCasino and identified an active and dangerous aggressive threat actor. By continuously tracking and in-depth study of the attacker’s activities, NSFOCUS Research Labs has ruled out its link with known APT groups, confirmed its high-level persistent threat nature, and following the operational […]
APT Group DarkPink Exploits WinRAR 0-Day to Target Multiple Entities in Vietnam and Malaysia
outubro 13, 2023
Overview NSFOCUS Security Labs has been continuously monitoring the newly discovered WinRAR 0-day vulnerability, CVE-2023-38831. It has come to our attention that the advanced persistent threat group known as DarkPink has recently begun exploiting this vulnerability to target government entities in Vietnam and Malaysia. In this round of attack activities, DarkPink attackers have incorporated the […]
Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy
março 13, 2023
Overview NSFOCUS detected a malicious macro file named “Cyber Advisory 2023.docm ” last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed by the security company Quick […]
Bread Crumbs of Threat Actors (Feb 13 – 26, 2023)
março 10, 2023
From 13 to 26 February 2023, NSFOCUS Security Labs found activity clues from 66 APT groups, one malware family (CoinMiner), and 426 threat actors targeting critical infrastructure. APT Groups Among the 66 APT groups discovered, the APT28 affected the most significant number of hosts from 13 to 26 February. Number of hosts affected by APT […]
Bread Crumbs of Threat Actors (Dec 19, 2022 – Jan 1, 2023)
janeiro 12, 2023
From December 19, 2022 to Jan 1, 2023, NSFOCUS Security Labs found activity clues of 61 APT groups, 3 malware families (Zbot botnet, SpicyHotPot Trojan, and Banload Trojan), and 490 threat actors targeting critical infrastructure. APT Groups Among the 61 APT groups discovered, the APT28 affected the most significant number of hosts from December 19 […]
Analysis of Cyber Attack of APT Organization Confucius against Pakistan’s Intelligence-Based Operation
janeiro 12, 2023
Overview Affected by many factors, Pakistan has long suffered from serious local terrorism threats. The country has also taken counter-terrorism as an important national security strategy. In the second half of 2022, the Pakistani security forces carried out many intelligence-based operations (IBO) in Baluchistan, Khyber and North Waziristan, and killed many terrorists. Pakistan’s recent high-profile […]
Bread Crumbs of Threat Actors (Dec 5, 2022 – Dec 18, 2022)
dezembro 26, 2022
From December 5, 2022 to December 18, 2022, NSFOCUS Security Labs found activity clues of 66 APT groups, 3 malware families (MoonBounce Trojans, Razy Trojans and the CoinMinder), and 509 threat actors targeting critical infrastructure. APT Groups Among the 66 discovered APT groups, the APT28 affected the most significant number of hosts from December 5 […]
