APT – Computer Security Articles

Kaspersky Security

BlueNoroff bypasses Mark-of-the-Web | Kaspersky official blog

December 27, 2022 admin APT, Business, enterprise, Lazarus, office, windows

Credit to Author: Hugh Aver| Date: Tue, 27 Dec 2022 10:23:53 +0000

Kaspersky experts discovered that the BlueNoroff APT group has adopted methods to bypass the Mark-of-the-Web (MOTW) defense mechanism

Kaspersky Security

Is Avast safe to use in 2023? | Kaspersky official blog

December 7, 2022 admin APT, AVAST!, privacy, Products, Security, Technology, Tips

Credit to Author: Kaspersky Team| Date: Wed, 07 Dec 2022 09:36:15 +0000

Is it safe to use Avast? Learn how the company was accused of selling users’ data and spreading malware through its product.

MalwareBytes Security

Winnti APT group docks in Sri Lanka for new campaign

October 17, 2022 admin APT, c2, China, dboxagent, dropbox, India, keyplug, malware, sri lanka, Threat Intelligence, Winnti

Categories: Threat Intelligence

Tags: Winnti

Tags: APT

Tags: China

Tags: Sri Lanka

Tags: India

Tags: Keyplug

Tags: malware

Tags: dropbox

Tags: C2

Tags: DBoxAgent

In this research paper, we document a new campaign we attribute to the Winnti APT group. The victims are located in Sri Lanka at a point in time where the country is going through economic hardship while China makes headlines for docking on of its special vessels there.

(Read more…)

The post Winnti APT group docks in Sri Lanka for new campaign appeared first on Malwarebytes Labs.

MalwareBytes Security

Chinese APT’s favorite vulnerabilities revealed

October 13, 2022 admin Advanced Persistent Threat, APT, chinese apt, cisa, Exploits and vulnerabilities, FBI, news, NSA, security advisory

Categories: Exploits and vulnerabilities

Categories: News

Tags: Chinese APT

Tags: advanced persistent threat

Tags: APT

Tags: CISA

Tags: NSA

Tags: FBI

Tags: security advisory

CISA, the NSA and the FBI have compiled a list of the vulnerabilities targeted by state-sponsorted threat actors from China.

(Read more…)

The post Chinese APT’s favorite vulnerabilities revealed appeared first on Malwarebytes Labs.

Kaspersky Security

CVE-2022-41352 — vulnerability in Zimbra | Kaspersky official blog

October 13, 2022 admin APT, Business, enterprise, linux, SMB, vulnerabilities

Credit to Author: Editorial Team| Date: Thu, 13 Oct 2022 11:19:40 +0000

APT groups are actively exploiting the CVE-2022-41352 vulnerability in Zimbra Collaboration suit.

MalwareBytes Security

Woody RAT: A new feature-rich malware spotted in the wild

August 3, 2022 admin APT, follina, Rat, Russia, Threat Intelligence, woody rat

Credit to Author: Threat Intelligence Team| Date: Wed, 03 Aug 2022 21:25:52 +0000

The Malwarebytes Threat Intelligence team has discovered a new Remote Access Trojan that we dubbed Woody Rat used to target Russian entities.

The post Woody RAT: A new feature-rich malware spotted in the wild appeared first on Malwarebytes Labs.

MalwareBytes Security

North Korean APT targets US healthcare sector with Maui ransomware

July 10, 2022 admin APT, cisa, conti, cybersecurity and infrastructure security agency, department of treasury, FBI, federal bureau of investigations, jen easterly, maui, maui ransomware, NORTH KOREA, north korean apt, raas, ransom.maui, ransomware, ShiOne, treasury

Credit to Author: Jovi Umawing| Date: Sun, 10 Jul 2022 21:43:29 +0000

CISA warns of an unusual ransomware.

The post North Korean APT targets US healthcare sector with Maui ransomware appeared first on Malwarebytes Labs.

MalwareBytes Security

Immigration organisations targeted by APT group Evilnum

June 30, 2022 admin Advanced Persistent Threat, APT, cybercrime, evilnum, Immigration, Migration, Ukraine, ukranian

Credit to Author: Christopher Boyd| Date: Thu, 30 Jun 2022 14:13:47 +0000

Immigration organisations are being targeted by the APT group Evilnum, using spear phishing to send malicious Word documents.

The post Immigration organisations targeted by APT group Evilnum appeared first on Malwarebytes Labs.

← Previous