Malware & Threats
Weaver Ant, a cyberespionage-focused APT operating out of China, is targeting telecom providers for persistent access.
Hi, what are you looking for?
SecurityWeek
All posts tagged "APT"
Nation-State
The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign.
Malware & Threats
ZDI has uncovered 1,000 malicious .lnk files used by state-sponsored and cybercrime threat actors to execute malicious commands.
Mobile & Wireless
The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.
Nation-State
South American cyberespionage group Blind Eagle has infected over 1,600 organizations in Colombia in a recent campaign.
Artificial Intelligence
News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this...
Incident Response
Chinese hackers remotely accessed US Treasury Department workstations after compromising a cloud-based service operated by BeyondTrust.
Endpoint Security
British EDR vendor Sophos details a years-long “cat-and-mouse” tussle with sophisticated Chinese government-backed hackers.
Malware & Threats
The SideWinder APT has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea in recent attacks.
Email Security
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
Cyberwarfare
Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India.
Government
Government agencies in the Five Eyes countries warn critical infrastructure entities of Chinese state-sponsored hacking group Volt Typhoon.
Cloud Security
The CloudGrappler open source tool can detect the presence of known threat actors in cloud environments.
Incident Response
Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails.
Malware & Threats
Cisco links the espionage-focused ‘YoroTrooper’ threat actor to Kazakhstan.
Cyberwarfare
New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign.
Network Security
Cybercriminals are increasingly trying to find ways to get around security, detection, intelligence and controls as APTs start to merge with conventional cybercrime.
Cloud Security
Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails.
Malware & Threats
The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023.
Cloud Security
Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors.
Vulnerabilities
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.
Data Breaches
Vulnerabilities
Hacker Conversations
Artificial Intelligence
Malware & Threats
CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution.
Malware & Threats
Supply Chain Security
Malware & Threats
