Tag: APT group
-
Unit 42: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework
Source URL: https://unit42.paloaltonetworks.com/bookworm-to-stately-taurus/ Source: Unit 42 Title: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework Feedly Summary: We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. The post Bookworm to Stately Taurus Using the Unit 42 Attribution Framework appeared first on Unit…
-
Cisco Talos Blog: UAT-7237 targets Taiwanese web hosting infrastructure
Source URL: https://blog.talosintelligence.com/uat-7237-targets-web-hosting-infra/ Source: Cisco Talos Blog Title: UAT-7237 targets Taiwanese web hosting infrastructure Feedly Summary: Cisco Talos discovered UAT-7237, a Chinese-speaking advanced persistent threat (APT) group active since at least 2022, which has significant overlaps with UAT-5918. AI Summary and Description: Yes Summary: The text discusses the activities of UAT-7237, a Chinese-speaking advanced persistent…
-
Cisco Talos Blog: Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine
Source URL: https://blog.talosintelligence.com/pathwiper-targets-ukraine/ Source: Cisco Talos Blog Title: Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine Feedly Summary: Cisco Talos observed a destructive attack on a critical infrastructure entity within Ukraine, using a previously unknown wiper we are calling “PathWiper.” AI Summary and Description: Yes Summary: Cisco Talos has reported a destructive cyber…
-
The Register: China’s FamousSparrow flies back into action, breaches US org after years off the radar
Source URL: https://www.theregister.com/2025/03/27/china_famoussparrow_back/ Source: The Register Title: China’s FamousSparrow flies back into action, breaches US org after years off the radar Feedly Summary: Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a…
-
Cisco Talos Blog: UAT-5918 targets critical infrastructure entities in Taiwan
Source URL: https://blog.talosintelligence.com/uat-5918-targets-critical-infra-in-taiwan/ Source: Cisco Talos Blog Title: UAT-5918 targets critical infrastructure entities in Taiwan Feedly Summary: UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and…