Tag: threat group
-
The Register: Beijing-backed burglars master .NET to target government web servers
Source URL: https://www.theregister.com/2025/10/01/phantom_taurus_apt/ Source: The Register Title: Beijing-backed burglars master .NET to target government web servers Feedly Summary: ‘Phantom Taurus’ created custom malware to hunt secrets across Asia, Africa, and the Middle East Threat-hunters at Palo Alto Networks’ Unit 42 have decided a gang they spotted two years ago is backed by China, after seeing…
-
Unit 42: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework
Source URL: https://unit42.paloaltonetworks.com/bookworm-to-stately-taurus/ Source: Unit 42 Title: Bookworm to Stately Taurus Using the Unit 42 Attribution Framework Feedly Summary: We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. The post Bookworm to Stately Taurus Using the Unit 42 Attribution Framework appeared first on Unit…
-
Cisco Talos Blog: How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking
Source URL: https://blog.talosintelligence.com/how-rainyday-turian-and-a-new-plugx-variant-abuse-dll-search-order-hijacking/ Source: Cisco Talos Blog Title: How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking Feedly Summary: Talos discovered that a new PlugX variant’s features overlap with both the RainyDay and Turian backdoors AI Summary and Description: Yes Summary: Cisco Talos has identified a new variant of the PlugX…
-
The Register: Beijing went to ‘EggStreme’ lengths to attack Philippines military, researchers say
Source URL: https://www.theregister.com/2025/09/11/eggstreme_malware_china_philippines/ Source: The Register Title: Beijing went to ‘EggStreme’ lengths to attack Philippines military, researchers say Feedly Summary: Ovoid-themed in-memory malware offers a menu for mayhem ‘EggStreme’ framework looks like the sort of thing Beijing would find handy in its ongoing territorial beefs Infosec outfit Bitdefender says it’s spotted a strain of in-memory…
-
Slashdot: CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year
Source URL: https://it.slashdot.org/story/25/08/04/2032214/crowdstrike-investigated-320-north-korean-it-worker-cases-in-the-past-year Source: Slashdot Title: CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year Feedly Summary: AI Summary and Description: Yes Summary: The report highlights a significant rise in North Korean operatives using generative AI to infiltrate tech jobs globally, particularly within Fortune 500 and smaller organizations. CrowdStrike’s observations underline a…
-
CSA: U.S. Strikes on Iran Could Trigger Cyber Retaliation
Source URL: https://cloudsecurityalliance.org/articles/u-s-strikes-on-iran-could-trigger-cyber-retaliation Source: CSA Title: U.S. Strikes on Iran Could Trigger Cyber Retaliation Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the implications of Iranian cyber threats against U.S. critical infrastructure amid escalating geopolitical tensions. It emphasizes the evolving landscape of cyber threats, especially from adversaries who may leverage both traditional…