LilacSquid APT Employs Open Source Tools, QuasarRAT
The previously unknown threat actor uses tools similar to those used by North Korean APT groups, according to Cisco Talos.
An advanced persistent threat is a stealthy, long-term intrusion that maintains access to systems to steal data or disrupt operations.
Search across headline titles and summaries.
Background for this topic.
Advanced Persistent Threat describes a prolonged and targeted cyber intrusion where attackers maintain covert access to a network over extended periods. These intrusions often use customized malware, spear-phishing, and exploitation of specific vulnerabilities to avoid detection and sustain control. The focus is typically on intelligence collection, data theft, or strategic disruption rather than immediate financial gain.
For defenders, APTs pose significant challenges due to their stealth and adaptability, often bypassing traditional security tools. Effective defense involves continuous monitoring for unusual activity, timely patching of vulnerabilities exploited by these actors, and leveraging threat intelligence to recognize known intrusion patterns. Early identification and containment are crucial to limit damage and prevent persistent unauthorized access.
The previously unknown threat actor uses tools similar to those used by North Korean APT groups, according to Cisco Talos.
The Russia-aligned FlyingYeti's phishing campaign exploited Ukrainian citizens' financial stress to spread Cookbox malware.
The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages
Targeting India's government, defense, and aerospace sectors, the cyber-threat group now attacks Linux as well as Windows in its quest to compromise the Indian military's homegrown MayaOS Linux systems.