Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses
The FSB state-sponsored operation has gotten a lot better at loading its malware and hiding its servers.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The FSB state-sponsored operation has gotten a lot better at loading its malware and hiding its servers.
More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.
Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
Advanced persistent threat (APT) groups have deployed new cyber weapons against a variety of targets, highlighting the increasing threats to the region.
"Fancy Bear" relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations.
The long-running South Asian advanced persistent threat (APT) group is advancing its objectives against Pakistani targets, with a shift to deploying Python-based surveillance malware.
Security researchers say multiple threat groups, including Iran's Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company.
A Chinese APT is going where most APTs don't: deep into the cloud, compromising supply chains and deploying uncommon malware.
The first documented deployment of the novel malware in a campaign against the Middle Eastern public sector and aviation industry may be tied to China's state-sponsored actor Earth Baxia.
An ongoing AitM campaign by the infamous Moscow-sponsored cyber threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.
A SLAAC-spoofing, adversary-in-the-middle campaign is hiding the WizardNet backdoor malware inside updates for legitimate software and popular applications.
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems.
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.
Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.
"Operation 99" uses job postings to lure freelance software developers into downloading malicious Git repositories. From there, malware infiltrates developer projects to steal source code, secrets, and cryptocurrency.
The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.
In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.
APT Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending on the target.
The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it's now using a new and improved "ElizaRAT" malware.
The prolific Chinese APT Mustang Panda is the likely culprit behind a sophisticated cyber-espionage attack that sets up persistent remote access to victim machines.