threat group – Experimental News Clipping Site

Cisco Talos Blog: Gamaredon campaign abuses LNK files to distribute Remcos backdoor

Mar 28, 2025

—

by

Source URL: https://blog.talosintelligence.com/gamaredon-campaign-distribute-remcos/ Source: Cisco Talos Blog Title: Gamaredon campaign abuses LNK files to distribute Remcos backdoor Feedly Summary: Cisco Talos is actively tracking an ongoing campaign, targeting users in Ukraine with malicious LNK files which run a PowerShell downloader since at least November 2024. AI Summary and Description: Yes **Summary:** The text details a…

The Register: China’s FamousSparrow flies back into action, breaches US org after years off the radar

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/27/china_famoussparrow_back/ Source: The Register Title: China’s FamousSparrow flies back into action, breaches US org after years off the radar Feedly Summary: Crew also cooked up two fresh SparrowDoor backdoor variants, says ESET The China-aligned FamousSparrow crew has resurfaced after a long period of presumed inactivity, compromising a US financial-sector trade group and a…

The Register: Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

Mar 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/10/sidewinder_tactics_shift/ Source: The Register Title: Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift Feedly Summary: Phishing and ancient vulns still do the trick for one of the most prolific groups around Researchers say the Sidewinder offensive cyber crew is starting to target maritime and nuclear organizations.… AI Summary and Description:…

Unit 42: JavaGhost’s Persistent Phishing Attacks From the Cloud

Feb 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/javaghost-cloud-phishing/ Source: Unit 42 Title: JavaGhost’s Persistent Phishing Attacks From the Cloud Feedly Summary: Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments. The post JavaGhost’s Persistent Phishing Attacks From the Cloud appeared first on Unit 42. AI Summary and Description: Yes Summary: The…

The Register: Malware variants that target operational tech systems are very rare – but 2 were found last year

Feb 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/25/new_ics_malware_dragos/ Source: The Register Title: Malware variants that target operational tech systems are very rare – but 2 were found last year Feedly Summary: Fuxnet and FrostyGoop were both used in the Russia-Ukraine war Two new malware variants specifically designed to disrupt critical industrial processes were set loose on operational technology networks last…

Slashdot: Encrypted Messages Are Being Targeted, Google Security Group Warns

Feb 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/02/22/0724228/encrypted-messages-are-being-targeted-google-security-group-warns?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Encrypted Messages Are Being Targeted, Google Security Group Warns Feedly Summary: AI Summary and Description: Yes **Summary:** The text discusses emerging threats to secure messaging applications, particularly focusing on Signal, WhatsApp, and Telegram, as they are actively targeted by Russian-aligned threat groups. It emphasizes the evolving tactics being used…

Unit 42: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware

Feb 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/?p=138311 Source: Unit 42 Title: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware Feedly Summary: Unit 42 details the just-discovered connection between threat group Stately Taurus (aka Mustang Panda) and the malware Bookworm, found during analysis of the group’s infrastructure. The post Stately Taurus Activity in Southeast Asia Links to Bookworm…

Tag: threat group

Cisco Talos Blog: Gamaredon campaign abuses LNK files to distribute Remcos backdoor

The Register: China’s FamousSparrow flies back into action, breaches US org after years off the radar

The Register: Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

Unit 42: JavaGhost’s Persistent Phishing Attacks From the Cloud

The Register: Malware variants that target operational tech systems are very rare – but 2 were found last year

Slashdot: Encrypted Messages Are Being Targeted, Google Security Group Warns

Unit 42: Stately Taurus Activity in Southeast Asia Links to Bookworm Malware