APT Group;

Indian Government Agencies Targeted in Phishing Attacks by APT Group SideCopy

março 13, 2023

Overview NSFOCUS detected a malicious macro file named “Cyber Advisory 2023.docm ” last month and confirmed that the document was delivered by Pakistan APT group SideCopy to lure the target to open and read while downloading the Trojan horse ReverseRAT to receive CnC instructions to steal data. SideCopy was disclosed by the security company Quick […]

Bread Crumbs of Threat Actors (Feb 13 – 26, 2023)

março 10, 2023

From 13 to 26 February 2023, NSFOCUS Security Labs found activity clues from 66 APT groups, one malware family (CoinMiner), and 426 threat actors targeting critical infrastructure. APT Groups Among the 66 APT groups discovered, the APT28 affected the most significant number of hosts from 13 to 26 February. Number of hosts affected by APT […]

Bread Crumbs of Threat Actors (Dec 19, 2022 – Jan 1, 2023)

janeiro 12, 2023

From December 19, 2022 to Jan 1, 2023, NSFOCUS Security Labs found activity clues of 61 APT groups, 3 malware families (Zbot botnet, SpicyHotPot Trojan, and Banload Trojan), and 490 threat actors targeting critical infrastructure. APT Groups Among the 61 APT groups discovered, the APT28 affected the most significant number of hosts from December 19 […]

Analysis of Cyber Attack of APT Organization Confucius against Pakistan’s Intelligence-Based Operation

janeiro 12, 2023

Overview Affected by many factors, Pakistan has long suffered from serious local terrorism threats. The country has also taken counter-terrorism as an important national security strategy. In the second half of 2022, the Pakistani security forces carried out many intelligence-based operations (IBO) in Baluchistan, Khyber and North Waziristan, and killed many terrorists. Pakistan’s recent high-profile […]

Bread Crumbs of Threat Actors (Dec 5, 2022 – Dec 18, 2022)

dezembro 26, 2022

From December 5, 2022 to December 18, 2022, NSFOCUS Security Labs found activity clues of 66 APT groups, 3 malware families (MoonBounce Trojans, Razy Trojans and the CoinMinder), and 509 threat actors targeting critical infrastructure. APT Groups Among the 66 discovered APT groups, the APT28 affected the most significant number of hosts from December 5 […]

Bread Crumbs of Threat Actors (Nov 21, 2022 – Dec 4, 2022)

dezembro 22, 2022

From November 21, 2022 to December 4, 2022, NSFOCUS Security Labs found activity clues of 60 APT groups, 2 malware families (Mozi ransomware and Banload Trojan horse), and 510 threat actors targeting critical infrastructure. APT Groups Among the 60 discovered APT groups, the APT group Outlaw affected the most significant number of hosts from November […]

APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 2)

setembro 29, 2022

Part 1: APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1) Type 2: Send malicious HTML attachments by masquerading notification emails The second type of attack activity Gamaredon mainly carried out is spear phishing emails. This is a new attack process that emerged in the second quarter of this year. Gamaredon attackers placed layers […]

APT Group Gamaredon Intensifies Cyber Offensive in Ukraine (Part 1)

setembro 28, 2022

Overview Beginning in the second quarter of this year, NSFOCUS Security Labs discovered that the APT group Gamaredon began frequently using a number of different types of attacks to conduct cyberattacks against military and police targets in Ukraine’s Kherson, Donetsk and other regions. In this attack cycle, Gamaredon mainly used attack tools such as malicious […]

APT Group Evilnum Launched a New Round of Cyberattacks on Online Transactions

setembro 26, 2022

Overview NSFOCUS Security Labs detected a string of related phishing attacks recently. The analysis confirmed that these activities were staged by the APT group Evilnum and they were a continuation of the group’s recent operation DarkCasino. This round of cyberattacks occurred in late July and lasted until early August. Evilnum attackers maintained consistent attack methodology […]

Operation DarkCasino: In-Depth Analysis of Attacks by APT Group Evilnum (Part 2)

setembro 20, 2022

Operation DarkCasino: In-Depth Analysis of Attacks by APT Group Evilnum (Part 1) Components Evilnum mainly used a new customized trojan in this operation. NSFOCUS Security Labs named it DarkMe based on the particular string in the trojan program. NSFOCUS Security Labs also discovered another new trojan program that had a close connection to this operation […]

Search

Inscreva-se no Blog da NSFOCUS