Russian APT 'Winter Vivern' Targets European Government, Military
TAG-70's sophisticated espionage campaign targeted a range of geopolitical targets, suggesting a highly capable and well-funded state-backed threat actor.
An advanced persistent threat is a stealthy, long-term intrusion that maintains access to systems to steal data or disrupt operations.
Search across headline titles and summaries.
Background for this topic.
Advanced Persistent Threat describes a prolonged and targeted cyber intrusion where attackers maintain covert access to a network over extended periods. These intrusions often use customized malware, spear-phishing, and exploitation of specific vulnerabilities to avoid detection and sustain control. The focus is typically on intelligence collection, data theft, or strategic disruption rather than immediate financial gain.
For defenders, APTs pose significant challenges due to their stealth and adaptability, often bypassing traditional security tools. Effective defense involves continuous monitoring for unusual activity, timely patching of vulnerabilities exploited by these actors, and leveraging threat intelligence to recognize known intrusion patterns. Early identification and containment are crucial to limit damage and prevent persistent unauthorized access.
TAG-70's sophisticated espionage campaign targeted a range of geopolitical targets, suggesting a highly capable and well-funded state-backed threat actor.
"Voltzite," the APT's subset that focuses on OT networks and critical infrastructure, has also compromised targets in Africa.
A spate of recent cyber-espionage attacks showcases Turla's brand-new modular custom malware, and an expansion of the state-sponsored group's scope of targets.
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders
The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.