Evasive Gelsemium hackers spotted in attack against Asian govt
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]
An advanced persistent threat is a stealthy, long-term intrusion that maintains access to systems to steal data or disrupt operations.
Search across headline titles and summaries.
Background for this topic.
Advanced Persistent Threat describes a prolonged and targeted cyber intrusion where attackers maintain covert access to a network over extended periods. These intrusions often use customized malware, spear-phishing, and exploitation of specific vulnerabilities to avoid detection and sustain control. The focus is typically on intelligence collection, data theft, or strategic disruption rather than immediate financial gain.
For defenders, APTs pose significant challenges due to their stealth and adaptability, often bypassing traditional security tools. Effective defense involves continuous monitoring for unusual activity, timely patching of vulnerabilities exploited by these actors, and leveraging threat intelligence to recognize known intrusion patterns. Early identification and containment are crucial to limit damage and prevent persistent unauthorized access.
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]
SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions
We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.
The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.