APT (Advanced Persistent Threat)

Hackers Weaponizing LNK Files To Create Scheduled Task And Deliver Malware Payload

TA397, also known as Bitter, targeted a Turkish defense organization with a spearphishing email containing a RAR archive, which included…

5 days ago

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments…

3 weeks ago

IcePeony Hackers Exploiting Public Web Servers To Inject Webshells

IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities…

2 months ago

Crimson Palace Returns With New Hacking Tolls And Tactics

Cluster Bravo, despite its brief initial activity, subsequently targeted 11 organizations in the same region, as researchers found that these…

3 months ago

ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor

ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military…

4 months ago

Operation Oxidovy, Threat Actors Targeting Government And Military Officials

The recent campaign targeting the Czech Republic involves a malicious ZIP file that contains a decoy LNK file and a…

4 months ago

Earth Baku Using Customized Tools To Maintain Persistence And Steal Data

Earth Baku, an APT actor who initially focused on the Indo-Pacific region, has grown its activities extensively since late 2022.…

4 months ago

Turla Hackers Weaponizing LNK-Files To Deploy Fileless Malware

Hackers often weaponize LNK files because they can carry malware into systems undetected by anyone. LNK files are shortcuts that,…

6 months ago