Malware & Threats | Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression | Kapeka is a new backdoor that may be a new addition to Russia-linked Sandworm’s malware arsenal and possibly a successor to GreyEnergy. | Kevin Townsend | April 17, 2024
Nation-State | Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 | Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44. | Eduard Kovacs | April 17, 2024
Cyberwarfare | Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes | Mandiant says Russia's Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across... | Ryan Naraine | November 9, 2023
Cybercrime | Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw | Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks. | Ryan Naraine | October 18, 2023
Cloud Security | AWS Using MadPot Decoy System to Disrupt APTs, Botnets | AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm. | Ryan Naraine | September 29, 2023