Cyber Espionage

OilRig Hackers Exploiting Microsoft Exchange Server To Steal Login Details

Earth Simnavaz, an Iranian state-sponsored cyber espionage group, has recently intensified its attacks on critical infrastructure in the UAE and…

4 weeks ago

UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN backdoors to victims through phishing emails…

2 months ago

Chinese Hackers Using Open Source Tools To Launch Cyber Attacks

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus, have repeatedly employed a modified version of the open-source network…

2 months ago

Operation DevilTiger, APT Hackers 0-Day Exploitation Tactics Exposed

The APT-Q-12 group, also known as Pseudo Hunter, is a Northeast Asian threat actor linked to Darkhotel, which primarily targets…

2 months ago

Iranian APT42 Actors Conducting World Wide Surveillance Operations

APT42 (aka Damselfly, UNC788, CALANQUE, Charming Kitten) is a sophisticated Iranian state-sponsored cyber espionage group.  This Advanced Persistent Threat (APT)…

3 months ago

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and often have extensive community support, making…

4 months ago

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle…

4 months ago

Kimusk’s HappyDoor Executed Via regsvr32 File To Evade Detection

Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber…

4 months ago

OilRig Hackers Attacking Individuals And Organizations In The Middle East

OilRig is an Iranian-linked cyber espionage group that has been active since 2015, and this group is known for its…

5 months ago

Chinese UNC3886 Actors Exploiting VMware, Fortinet 0-days For Spying

In 2021, UNC3886, a suspected China nexus cyber espionage actor, was found to be targeting strategic organizations on a large…

5 months ago