A New KV-Botnet Is Using Stealthy Attacks to Target Cisco, DrayTek, and Fortinet Devices
Since at least 2022, a highly capable botnet known as the “KV-botnet” has been associated with the Chinese state-sponsored APT […]
DarkCasino: A New Emerging APT Threat Exploiting a WinRAR Flaw
NSFOCUS researchers examined the DarkCasino attack pattern, which exploited the WinRAR zero-day vulnerability identified as CVE-2023-38831. The financially motivated APT […]
Alert Advisory: Supply Chain Attack by Iran’s APT34 Targets the UAE
An Iranian threat group called OilRig typically targets businesses in the Middle East involved in various industries. Still, it has […]
Merdoor – A Custom Backdoor Used by Lancefly APT to Target Government Organizations
Recent observations show the use of a unique Merdoor backdoor by a hacking group known as Lancefly APT to attack […]
WIP19 APT Targeting Organizations in Middle East
With signed malware, a new cyberespionage group has been hitting telecom companies and IT service providers. The group, known as […]
Using Steganography to Hide Malware – Witchetty APT Case Study
Steganography has been used in the real world on the Windows and macOS operating systems. Attackers have been detected to […]
The Evolution of SideWinder APT and their Modus-Operandi
A suspected Indian threat actor group, Sidewinder, has been operating at least since 2012. They have been seen attacking businesses, […]
Opera1er APT Group Targeting Banks, Financial Institutes, and Mobile Operators across Africa, Asia and LATAM
Since 2016, OPERA1ER, also known as DESKTOP-GROUP, Common Raven, and NXSMS, has been reported to operate with the intention of […]
An overview of FIN11 and their motivations
A financially driven threat group, FIN11, has run some of the most extensive and longest-running malware dissemination campaigns. Researchers have […]
Alert Advisory: Insight into APT29
Threat group APT29 is allegedly operated by Russia’s Foreign Intelligence Service (SVR). They have been active since 2008 and frequently […]
Alert Advisory: Insight into APT42
APT42 is a state-sponsored cyber espionage group in Iran. The gang, which has been active at least since 2015, is […]
ToddyCat APT
ToddyCat, a relatively new Chinese-speaking Advanced Persistent Threat, has been targeting and exploiting vulnerable Exchange Servers throughout Europe and […]