cyber-espionage Archives • Page 9 of 13 • Daily CyberSecurity

Noisy Bear: A New APT Group Is Spying on Kazakhstan’s Energy Sector Noisy Bear, cyber espionage

Noisy Bear: A New APT Group Is Spying on Kazakhstan’s Energy Sector

Do Son September 8, 2025

The Seqrite Labs APT-Team has released an in-depth analysis of a newly discovered threat actor dubbed Noisy...

Kimsuky APT Is Using Social Engineering and AppleSeed Malware to Spy on South Korea Exploited VMware

Kimsuky APT Is Using Social Engineering and AppleSeed Malware to Spy on South Korea

Do Son September 5, 2025

The Genians Security Center (GSC) has published a detailed analysis of a new Advanced Persistent Threat (APT)...

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

Operation HanKook Phantom: APT-37 Targets South Korean Institutions with LNK-Based Espionage Campaign

Do Son September 2, 2025

Researchers at Seqrite Lab have uncovered a new spear-phishing operation attributed to APT-37 (ScarCruft / InkySquid /...

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats Iranian-aligned, spear-phishing

Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats

Do Son September 2, 2025

Recently, researchers at Dream’s Threat Intelligence Team uncovered a sophisticated spear-phishing campaign that leveraged a compromised mailbox...

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

Iranian Cyber Reconnaissance IP Camera Security NCSC Warning Russian Hacktivists Taiwan Cyberattacks China State-Sponsored Hacking state-sponsored threat actor Ransomware RAT Abuse, AnyDesk

TAOTH Campaign: Hijacked Software Updates Are Spreading Malware Across Asia

Do Son September 1, 2025

Trend Micro researchers have detailed a sophisticated cyber-espionage operation, dubbed TAOTH, which leverages hijacked software updates and...

A Digital Watering Hole: How Russia’s APT29 Is Abusing Microsoft Auth Flow APT29, watering hole campaign

A Digital Watering Hole: How Russia’s APT29 Is Abusing Microsoft Auth Flow

Do Son August 31, 2025

Amazon’s threat intelligence team has identified and disrupted a watering hole campaign conducted by APT29 (also known...

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

Harvester APT Linux Backdoor OT Cyberattack Iranian APT Operation Olalampo MuddyWater APT Prince of Persia APT, Tonnerre v50 Patchwork APT, DLL Sideloading Subtle Snail, cyber espionage ShadowSilk, cyber espionage Volt Typhoon APT Group - Chinese Cybersecurity Firm

ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments

Do Son August 29, 2025

Group-IB analysts, in cooperation with CERT-KG, have published new research exposing the activities of a threat cluster...

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups Chinese APT, cyber espionage

An Espionage System: NSA, CISA, & Partners Expose Chinese APT Groups

Do Son August 28, 2025

In a multinational alert, the U.S. National Security Agency (NSA), CISA, FBI, and partners from more than...

A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia Blind Eagle, cyber espionage

A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia

Do Son August 28, 2025

Insikt Group has released new findings on TAG-144, also known as Blind Eagle, AguilaCiega, APT-C-36, or APT-Q-98,...

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign UNC6384, cyber-espionage

Google Threat Intelligence Exposes UNC6384’s Stealthy Espionage Campaign

Do Son August 27, 2025

Google Threat Intelligence Group (GTIG) uncovered a complex, multi-stage cyber-espionage campaign attributed to the PRC-linked threat actor...

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

Beyond Windows: Pakistan’s APT36 Group Is Now Attacking Linux Systems with Stealthy Malware

Do Son August 26, 2025

The Pakistan-linked threat group APT36—also known as Transparent Tribe, Mythic Leopard, Earth Karkaddan, or Operation C-Major—has re-emerged...

Spur Links North Korean APT Infrastructure to Commercial Proxy Service WgetCloud

Do Son August 26, 2025

Last week, the leak site DDoSecrets.com published a data dump allegedly from a workstation of a threat...

Linux Under Attack: APT36 Launches New Cyber-Espionage Campaign on Indian Govt

Do Son August 25, 2025

The threat landscape in South Asia has taken a new turn with the resurgence of APT36 (Transparent...

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

BlueNoroff macOS Attack GhostCall Campaign Carding Underground Bulletproof Hosting DPRK Contagious Interview, npm Flood Stonefly group -HiatusRAT Actors

UAC-0057 Targets Ukraine and Poland with Weaponized Archives and Evolving Implants

Do Son August 22, 2025

In a newly released report, French cybersecurity firm HarfangLab has revealed details of two interconnected cyber espionage...

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years Static Tundra CVE-2018-0171

A Decade of Espionage: How a Russian APT Exploited Cisco Devices (CVE-2018-0171) for Years

Do Son August 21, 2025

Cisco Talos has released a new analysis exposing “Static Tundra,” a Russian state-sponsored threat actor that has...

Beyond the Inbox: How a Cyber-Espionage Group Is Exploiting Two WinRAR Vulnerabilities WinRAR Zero-day

Beyond the Inbox: How a Cyber-Espionage Group Is Exploiting Two WinRAR Vulnerabilities

Do Son August 21, 2025

BI.ZONE Threat Intelligence uncovered a series of targeted cyber-espionage campaigns conducted by the Paper Werewolf (GOFFEE) cluster,...

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms Cyber-espionage, GodRAT

Spies in Your Skype: GodRAT Malware Uses Steganography to Target Financial Firms

Do Son August 20, 2025

Kaspersky Labs has identified a sophisticated cyber-espionage campaign targeting financial institutions, particularly trading and brokerage firms, through...

“Curly COMrades” Group Unmasked: Russian Threat Actors Deploy New Backdoor in Geopolitical Espionage Campaign Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

“Curly COMrades” Group Unmasked: Russian Threat Actors Deploy New Backdoor in Geopolitical Espionage Campaign

Do Son August 14, 2025

Bitdefender Labs has uncovered a new cyber-espionage group, dubbed “Curly COMrades”, believed to operate in support of...

Kimsuky Hacked: Hackers Leak 8.9GB of Stolen Data and Tools from North Korean Group North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack