Cloud-Based Tools

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools Nov 08, 2024Ravie LakshmananCyber Espionage / Threat Intelligence High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked Read more…

Malicious RDP Files

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities Oct 26, 2024Ravie LakshmananCyber Attack / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. “The messages exploit the appeal of integrating popular services Read more…

India-Linked Hackers

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities Sep 26, 2024Ravie LakshmananCloud Security / Cyber Espionage An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare Read more…

Donut and Sliver Frameworks

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks Jul 03, 2024NewsroomCyber Attack / Malware Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, “leverage target-specific infrastructure and custom WordPress Read more…

Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and …

Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities

Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), …