The latest advisory issued by law enforcement agencies within Australia, the U.S., Canada, Germany, the U.K., New Zealand, South Korea, and Japan, warns of the growing threat posed by APT40 operated on behalf of Beijing’s Ministry of State Security (MSS). Specifically, the advisory details the activities of the People’s Republic of China state-sponsored group able […]
In Q1 2024, Advanced Persistent Threat (APT) groups from China, North Korea, Iran, and russia demonstrated significantly enhanced and innovative offensive capabilities to proceed with sophisticated cyber-espionage campaigns. This surge in activity has posed considerable challenges to the global cybersecurity landscape. Recently, security experts revealed the activity of the China-linked Velvet Ant group infiltrating F5 […]
The China-linked cyber-espionage group Velvet Ant has been infiltrating F5 BIG-IP devices for about three years, using them as internal C2 servers, deploying malware, and gaining persistence to smartly evade detection and steal sensitive data. Detect Velvet Ant Attacks In Q1 2024, APT groups from various regions, including China, North Korea, Iran, and Russia, demonstrated […]
Since at least 2022, the hacking collective tracked as UAC-0024 has been launching a series of offensive operations targeting Ukraine’s defense forces. The group’s cyber-espionage activity mainly focuses on intelligence gathering leveraging CAPIBAR malware. Based on attacker TTPs along with the uncovered use of another malware dubbed Kazuar, the adversary activity can be linked to […]
On February 24, 2022, a little more than a year ago, the russian federation started an offensive invasion of Ukraine by land, air, and sea. The war escalated in cyberspace as well. As a result, we are now witnessing the first-ever full-fledged cyber war in human history, with multiple offensive counterparts engaged in attacks against […]
Just a couple of weeks ago, CERT-UA raised awareness among the global cyber defender community about an ongoing cyber-espionage campaign targeting Ukraine and organizations in Central Asia linked to the UAC-0063 group. In early June, CERT-UA researchers issued another alert covering the long-term cyber-espionage activity mainly exploiting the email attack vector and targeting Ukrainian government […]
Since the outbreak of the full-scale war in Ukraine, cyber defenders have identified the growing volumes of cyber-espionage campaigns aimed at collecting intelligence from the Ukrainian state bodies. On May 22, 2023, CERT-UA researchers issued a new alert warning the global cyber defender community of an ongoing cyber-espionage campaign targeting the information and communication system […]
On May 9, 2023, the U.S. Department of Justice revealed the details of a joint operation dubbed MEDUSA that resulted in the disruption of the Snake cyber-espionage implant infrastructure actively leveraged to target 50+ countries in North America, Europe, and Africa. First emerging in 2003, the malicious tool has been used by the Turla group, […]
Delaware, USA – June 12, 2018 – Experts from ESET discovered sophisticated spyware used in a long-term cyber-espionage campaign. Attackers used InvisiMole since 2013 and Malware remained undetected all this time due to highly targeted attacks. Methods of infection are still unknown, at the moment the researchers continue their investigation. InvisiMole is a modular malware […]