APT Archives

Malware & Threats

Chinese Hackers Target Chinese Users With RAT, Rootkit

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit.

Ionut ArghireJune 27, 2025

Nation-State

Chinese APT Hacking Routers to Build Espionage Infrastructure

A Chinese APT has been infecting SOHO routers with the ShortLeash backdoor to build stealthy espionage infrastructure.

Ionut ArghireJune 24, 2025

Ransomware

Fog Ransomware Attack Employs Unusual Tools

Multiple legitimate, unusual tools were used in a Fog ransomware attack, including one employed by Chinese hacking group APT41.

Ionut ArghireJune 13, 2025

Malware & Threats

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

Microsoft and CrowdStrike are running a project that aims to align threat actor names, and Google and Palo Alto Networks will also contribute.

Eduard KovacsJune 3, 2025

Nation-State

Chinese APT Mustang Panda Updates, Expands Arsenal

The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack.

Ionut ArghireApril 17, 2025

Malware & Threats

Chinese APT Weaver Ant Targeting Telecom Providers in Asia

Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.

Ionut ArghireMarch 25, 2025

Nation-State

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.

Ionut ArghireMarch 21, 2025

Malware & Threats

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.

Eduard KovacsMarch 18, 2025

Mobile & Wireless

North Korean Hackers Distributed Android Spyware via Google Play

The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.

Ionut ArghireMarch 13, 2025

Nation-State

1,600 Victims Hit by South American APT’s Malware

South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.

Ionut ArghireMarch 11, 2025

Artificial Intelligence

Can AI Early Warning Systems Reboot the Threat Intel Industry?

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this...

Ryan NaraineFebruary 10, 2025

Incident Response

Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident

Chinese hackers remotely accessed US Treasury Department workstations after compromising a cloud-based service operated by BeyondTrust.

SecurityWeek NewsDecember 31, 2024

Endpoint Security

Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days

British EDR vendor Sophos details a years-long “cat-and-mouse” tussle with sophisticated Chinese government-backed hackers.

Ryan NaraineOctober 31, 2024

Malware & Threats

Indian APT Targeting Mediterranean Ports and Maritime Facilities

The SideWinder APT has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea in recent attacks.

Ionut ArghireJuly 30, 2024

Email Security

US Says North Korean Hackers Exploiting Weak DMARC Settings

The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.

Ionut ArghireMay 3, 2024

Cyberwarfare

Cyberespionage Campaign Targets Government, Energy Entities in India

Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India.

Ionut ArghireMarch 28, 2024

Government

Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon

Government agencies in the Five Eyes countries warn critical infrastructure entities of Chinese state-sponsored hacking group Volt Typhoon.

Ionut ArghireMarch 20, 2024

Cloud Security

New Open Source Tool Hunts for APT Activity in the Cloud

The CloudGrappler open source tool can detect the presence of known threat actors in cloud environments.

Ionut ArghireMarch 11, 2024

Incident Response

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails

Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails.

Ryan NaraineMarch 8, 2024

Malware & Threats

‘YoroTrooper’ Espionage Group Linked to Kazakhstan

Cisco links the espionage-focused ‘YoroTrooper’ threat actor to Kazakhstan.

Ionut ArghireOctober 25, 2023

SECURITYWEEK NETWORK:

ICS:

All posts tagged "APT"

Malware & Threats

Chinese Hackers Target Chinese Users With RAT, Rootkit

Nation-State

Chinese APT Hacking Routers to Build Espionage Infrastructure

Ransomware

Fog Ransomware Attack Employs Unusual Tools

Malware & Threats

Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names

Nation-State

Chinese APT Mustang Panda Updates, Expands Arsenal

Malware & Threats

Chinese APT Weaver Ant Targeting Telecom Providers in Asia

Nation-State

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

Malware & Threats

11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft

Mobile & Wireless

North Korean Hackers Distributed Android Spyware via Google Play

Nation-State

1,600 Victims Hit by South American APT’s Malware

Artificial Intelligence

Can AI Early Warning Systems Reboot the Threat Intel Industry?

Incident Response

Chinese Hackers Accessed US Treasury Workstations in ‘Major’ Cybersecurity Incident

Endpoint Security

Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days

Malware & Threats

Indian APT Targeting Mediterranean Ports and Maritime Facilities

Email Security

US Says North Korean Hackers Exploiting Weak DMARC Settings

Cyberwarfare

Cyberespionage Campaign Targets Government, Energy Entities in India

Government

Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon

Cloud Security

New Open Source Tool Hunts for APT Activity in the Cloud

Incident Response

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails

Malware & Threats

‘YoroTrooper’ Espionage Group Linked to Kazakhstan

Featured

Cybercrime

Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks

Uncategorized

Ingram Micro Scrambling to Restore Systems After Ransomware Attack

Malware & Threats

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware

Data Breaches

Qantas Data Breach Impacts Up to 6 Million Customers

Artificial Intelligence

Cloudflare Puts a Default Block on AI Web Scraping

Tracking & Law Enforcement

US Storms 29 Laptop Farms in Crackdown on North Korean IT Worker Schemes

Hacker Conversations

Hacker Conversations: Rachel Tobac and the Art of Social Engineering

Latest News

Vulnerabilities

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild

Uncategorized

Ingram Micro Scrambling to Restore Systems After Ransomware Attack

Cybercrime

Police in Brazil Arrest a Suspect Over $100M Banking Hack

Cybercrime

In Other News: Hacker Helps Kill Informants, Crylock Developer Sentenced, Ransomware Negotiator Probed

Mobile & Wireless

Undetectable Android Spyware Backfires, Leaks 62,000 User Logins

Network Security

Cisco Warns of Hardcoded Credentials in Enterprise Software

Malware & Threats

North Korean Hackers Use Fake Zoom Updates to Install macOS Malware

Daily Briefing Newsletter