Security news aggregator

Latest coverage for Advanced Persistent Threat

An advanced persistent threat is a stealthy, long-term intrusion that maintains access to systems to steal data or disrupt operations.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Advanced Persistent Threat describes a prolonged and targeted cyber intrusion where attackers maintain covert access to a network over extended periods. These intrusions often use customized malware, spear-phishing, and exploitation of specific vulnerabilities to avoid detection and sustain control. The focus is typically on intelligence collection, data theft, or strategic disruption rather than immediate financial gain.

For defenders, APTs pose significant challenges due to their stealth and adaptability, often bypassing traditional security tools. Effective defense involves continuous monitoring for unusual activity, timely patching of vulnerabilities exploited by these actors, and leveraging threat intelligence to recognize known intrusion patterns. Early identification and containment are crucial to limit damage and prevent persistent unauthorized access.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view
Bank Info Security 2 months, 3 weeks ago

Why AI-Driven Arms Race Needs Better Threat Intelligence

TrendAI's Tom Kellermann on Defending Against Agentic Attacks, APT CollaborationAI-driven threats now operate with speed, scale and persistence. Defenders need expanded telemetry, a global research team and an advanced XDR platform to predict and suppress adversaries defenders, said Tom Kellermann, vice president of AI security and threat intelligence at TrendAI.

Bank Info Security 5 months, 3 weeks ago

Wiper Malware Targeting Poland's Power Grid Tied to Moscow

Signs Point to Long-Active 'Sandworm' Military Intelligence Hackers at WorkRussian cyberattacks in late December 2025 that attempted to disrupt Poland's power grid have been attributed to "Sandworm," the codename for an advanced persistent threat group tied to a Moscow military intelligence unit that repeatedly uses wiper malware, including in these attacks.

Bank Info Security 6 months, 2 weeks ago

Breach Roundup: Clop Tied to Korean Air Vendor Breach

Also: China-Linked APT Hijack Updates, Condé Nast Data Leaked, La Poste HitThis week, a Clop-linked vendor breach hit Korean Air, a China-linked APT hijacked software updates, a critical zero-day flaw remained unpatched, Condé Nast faced a data leak, La Poste was disrupted and Korean police extradited a malware operation suspect.

Bank Info Security 9 months, 4 weeks ago

Russian Nation-State Hackers Join Forces to Target Ukraine

First-Ever Malware Tie-Up Spotted Between FSB's Turla and Gamaredon Hacking GroupsTwo long-running advanced persistent threat groups tied to Russia's Federal Security Service, the FSB, called Turla and Gamaredon, appear for the first time to be running a joint cyberespionage operation using their separate malware arsenals, designed to hit high-value targets in Ukraine.

Bank Info Security 10 months, 2 weeks ago

Silver Fox APT Abuses Windows Driver in Active Campaign

Gap in Microsoft Blocklist Exploited, ValleyRAT Runs UndetectedA Chinese nation-state cyber group is exploiting a Microsoft-signed driver to shut down Windows security protections. The attackers deployed the driver through a custom loader. The core weakness that Silver Fox relied on remained exploitable even after patching.

Bank Info Security 11 months ago

Russian Hackers Exploit WinRAR Zero-Day

RomCom Group Deployed SnipBot, RustyClaw and Mythic Agent VariantsA Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation. The campaign exploited a vulnerability now tracked as CVE-2025-8088, a path traversal vulnerability.

Bank Info Security 1 year, 1 month ago

Microsoft Patches Zero-Day Exploited by Emirati Hackers

Check Point: 'Stealth Falcon' Exploited WebDAV FlawMicrosoft on Tuesday patched a zero-day vulnerability in WebDAV that was exploited by UAE-linked threat actors as part of an espionage campaign in the Middle East and Africa. Check Point attributed the campaign to the Emirates APT group Stealth Falcon.

Bank Info Security 1 year, 1 month ago

SentinelOne Sees No Breach After Hardware Supplier Hacked

Intrusion Involved ShadowPad Malware, Wielded in Attacks Tied to Chinese APT GroupsCybersecurity firm SentinelOne said suspected Chinese attackers, wielding ShadowPad backdoor malware, infiltrated a logistics firm that it used for supplying hardware to its employees, but that the intrusion doesn't appear to have resulted in any infiltration of its own, corporate network.

Bank Info Security 1 year, 2 months ago

CyberUK 2025: Resilience and APT Threats Loom Large

Government Officials Sound 'Wake Up' AlarmsA rash of cyber incidents felt by British businesses add up to a wake-up call that cybersecurity is an absolute priority, top government officials warned during an annual conference hosted by the National Cyber Security Centre. The NCSC unveiled cyber resilience measures timed for the conference.

Bank Info Security 1 year, 3 months ago

Russian APT Hacker Observed Deploying Unusual RDP Tactics

Espionage Campaign Mainly Targeted European OrganizationsA Russian nation state threat actor exploited "lesser known" features of Microsoft Windows remote desktop protocol to target European organizations for espionage. Hackers using RDP to deploy a malicious application and access data from victims.

Bank Info Security 1 year, 5 months ago

APT Groups Using Ransomware 'Smokescreen' for Espionage

Russian, Iranian and Chinese APTs Among Most Active Ransomware CollaboratorsSecurity researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities.

Bank Info Security 1 year, 5 months ago

Mental Malware: Overcoming Self-Doubt That Holds You Back

Mitigate Career Risk With a Self-Audit, Targeted Training and Real-World TestingChanging jobs or going after that promotion can be difficult, even in a field like cybersecurity where the demand for skilled professionals is high. Often, the biggest career challenge is not that advanced persistent threat or the zero-day vulnerability. It's what we call "mental malware."

Bank Info Security 1 year, 6 months ago

Cloud Security, APT Threats, AI Risks Loom Large in 2025

Google Mandiant's Jamie Collier on the Biggest Cloud Security ChallengesTo combat AI threats in 2025, security teams are set to enter the second phase of AI innovation in security by deploying semi-autonomous operations such as alert parsing, creation of high-priority item lists and risk remediation, said Jamie Collier, senior threat intelligence advisor at Mandiant.

Bank Info Security 1 year, 7 months ago

Espionage Campaign Targets Turkish Defense Industry

APT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRATA suspected South Asian threat actor targeted a Turkish defense organization, deploying malware via a RAR archive and using alternate data streams to deliver remote access Trojans. The group previously targeted multiple countries including China, India, Pakistan and Bangladesh.

Bank Info Security 1 year, 7 months ago

Chinese APT Groups Targets European IT Companies

Evidence Mounts for Chinese Hacking 'Quartermaster'A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure cloud infrastructure to target Western technology firms for espionage, security firms Tinexta Cyber and SentinelLabs said. The companies call the campaign "Operation Digital Eye."

Bank Info Security 1 year, 7 months ago

Russian APT Hackers Co-Opt Pakistani Infrastructure

FSB Hackers Have Hijacked Others' Command and Control BeforeA Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs.

Bank Info Security 1 year, 7 months ago

Mysterious Elephant Using Hajj-Themed Bait in Attacks

Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage GoersA South Asian threat actor identified as Mysterious Elephant or APT-K-47 by Knownsec 404 researchers is using a Hajj-themed lure to trick victims into malicious payload disguised as a Windows file. The hacker is using upgraded Asyncshell malware disguised as a Microsoft Compiled HTML Help file.

Bitdefender Exposes Unfading Sea Haze's Advanced Cyberespionage TacticsA previously undetected, suspected Chinese-state threat actor has been targeting governments in the South China Sea for years with a remote access Trojan that has been a favorite of Chinese hackers since its creation almost two decades ago, say security researchers from Bitdefender.

Loading more headlines...