cyber espionage tactics

From The Hacker News – China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions. "The first sighting of its activity was in the second quarter of 2023; back then, it was

shaikh Saqib April 1, 2025

News

From Dark Reading – Iran’s MOIS-Linked APT34 Spies on Allies Iraq & Yemen

The Islamic Republic is keeping its enemies close and its friends closer, with espionage attacks aimed at nearby neighbors. Read More

shaikh Saqib March 28, 2025

Vulnerabilities

From Cybersecurity Help – UAC-0200 cyber spies target Ukraine’s defense industry with DarkCrystal RAT

The attacks have been detected across several different platforms, including the popular messaging application Signal. Read More

shaikh Saqib March 19, 2025

News

From Dark Reading – Hot Button Facebook Ads Tag Middle East, N. Africa Victims

A Libya-linked threat actor has resurfaced, using the same old political phishing tricks to deliver AsyncRAT that have worked for years. Read More

shaikh Saqib March 12, 2025

News

From The Hacker News – Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis. "More than 1,600 victims were affected during one of

shaikh Saqib March 11, 2025

News

From Dark Reading – Espionage Actor ‘Lotus Blossom’ Targets South East Asia

The threat actor, of unknown origin, is deploying a proprietary backdoor malware known as "Sagerunex" against critical infrastructure in Hong Kong, Philippines, Taiwan, and Vietnam. Read More

shaikh Saqib March 6, 2025

News

From Cyber Security News – Hackers Leveraging Business Relationship To Attack Arab Emirates Aviation Sector

Security researchers at Proofpoint have uncovered a sophisticated cyber espionage campaign targeting aviation and satellite communications organizations in the United Arab Emirates. The campaign, attributed to a threat actor tracked…

shaikh Saqib March 5, 2025

News

From The Hacker News – Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It's tracking the activity under the name Erudite Mogwai. The

shaikh Saqib February 27, 2025

News

From Cyber Security News – ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials

A newly identified malware variant dubbed ACRStealer has been observed leveraging Google Docs as a command-and-control (C2) server to bypass traditional security defenses and harvest sensitive login credentials. This sophisticated…

shaikh Saqib February 21, 2025

Vulnerabilities

From Cybersecurity Help – Sandworm APT targets Ukraine with trojanized Microsoft KMS activation tools

The attackers utilized a BACKORDER loader to deploy DarkCrystal RAT. Read More

shaikh Saqib February 12, 2025

Vulnerabilities

From Cybersecurity Help – North Korean Kimsuky adopted a new tactic to infiltrate targets

The new tactic involves the threat actor tricking individuals into executing PowerShell commands as administrators. Read More

shaikh Saqib February 12, 2025