Patchwork APT caught in its own web

Credit to Author: Threat Intelligence Team | Date: Fri, 07 Jan 2022 18:14:49 +0000

The Patchwork APT, an Indian group targeting Pakistan, exposes itself with its own RAT.

Categories: Threat Intelligence

The post Patchwork APT caught in its own web appeared first on Malwarebytes Labs.

Patch now! FatPipe VPN zero-day actively exploited

Credit to Author: Mark Stockley | Date: Fri, 19 Nov 2021 00:25:44 +0000

The FBI has revealed that APT actors have been abusing a zero-day in FatPipe’s MPVPN, WARP, and IPVPN products since May.

Categories: Exploits and vulnerabilities

The post Patch now! FatPipe VPN zero-day actively exploited appeared first on Malwarebytes Labs.

A multi-stage PowerShell based attack targets Kazakhstan

Credit to Author: Threat Intelligence Team | Date: Fri, 12 Nov 2021 23:14:03 +0000

We uncover a new attack delivered via a number of PowerShell scripts to deploy Cobalt Strike.

Categories: Threat Intelligence

The post A multi-stage PowerShell based attack targets Kazakhstan appeared first on Malwarebytes Labs.

FBI and CISA warn of APT groups exploiting ADSelfService Plus

Credit to Author: Pieter Arntz | Date: Fri, 17 Sep 2021 13:48:46 +0000

APT actors are exploiting a recently discovered flaw in ManageEngine’s self-service password management product.

Categories: Exploits and vulnerabilities

The post FBI and CISA warn of APT groups exploiting ADSelfService Plus appeared first on Malwarebytes Labs.

Kimsuky APT continues to target South Korean government using AppleSeed backdoor

Credit to Author: Threat Intelligence Team | Date: Tue, 01 Jun 2021 13:00:00 +0000

Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.

Categories: Malware, Threat analysis

The post Kimsuky APT continues to target South Korean government using AppleSeed backdoor appeared first on Malwarebytes Labs.
