Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. “Earth Minotaur uses MOONSHINE to deliver the DarkNimbus Read more…

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since Read more…

AndroxGh0st Malware

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services Nov 08, 2024Ravie LakshmananIoT Security / Vulnerability The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. “This botnet utilizes remote code Read more…

Cloud-Based Tools

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools Nov 08, 2024Ravie LakshmananCyber Espionage / Threat Intelligence High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked Read more…

SteelFox and Rhadamanthys Malware

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRh(ight)adamantys. Read more…