Threat Actor Profile: APT29
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian…
In a recent blog post, Mandiant, a cybersecurity firm, highlighted the potential risks associated with third-party Windows installers. The post emphasizes how threat actors can exploit these installers…
In the ever-evolving landscape of cyber threats, the UAC-0006 threat actor group has recently resurfaced with a new wave of attacks. This time, they're deploying the SmokeLoader malware through a…
In a recent report, the Computer Emergency Response Team of Ukraine (CERT-UA) has highlighted a significant increase in cyberattacks against the country’s civil infrastructure websites, particularly those of government agencies…
The notorious APT41 hacking group, known for their extensive cyber-espionage operations, has turned their attention to Android devices, deploying two newly discovered spyware strains, WyrmSpy and DragonEgg. These strains, discovered…
A new peer-to-peer (P2P) malware, named P2PInfect, has been discovered by Unit 42 researchers. This self-spreading malware targets Redis instances running on Internet-exposed Windows and Linux systems. P2PInfect is a…
In a recent series of campaigns identified by Proofpoint, university students have been targeted with fraudulent job offers purportedly related to bioscience and health entities. These campaigns, which began as…
In the complex world of cyber threats, it’s vital to stay updated on the latest tactics, techniques, and procedures (TTPs) employed by threat actors. Today, we explore a recent ransomware-as-a-service…
A critical vulnerability, tracked as CVE-2023-3519 (NVD), has been identified in Citrix ADC and Gateway products. This vulnerability is currently being exploited in the wild and the rate of exploitation…
A recent investigation by Trend Micro has uncovered a potential supply chain attack targeting the Pakistani government. The attack involves an MSI installer for the Pakistani government app E-Office, which…