Security news aggregator

Latest coverage for Threat Actor

Coverage of named threat actors and intrusion sets examines reported incidents, infrastructure, disruption, and defensive guidance.

26 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Coverage under this tag concerns a named threat actor or intrusion set: an individual, group, or organized operation assessed to be responsible for malicious cyber activity. Reports may describe incidents, malware, attack infrastructure, disruption efforts, or analyst assessments. Attribution is often provisional, so actor names and reported links should be treated as intelligence judgments rather than established identity, nationality, sponsorship, or motive.

For defenders, such reporting can help connect incidents and prioritize monitoring, but indicators and techniques may be reused or become obsolete. Validate reported infrastructure, hashes, and behaviors against local telemetry; use confirmed weaknesses to guide vulnerability remediation and access controls. If activity is suspected, preserve relevant logs and evidence, contain affected accounts or systems, and coordinate investigation without relying on an actor label alone.

Showing 20 most recent headlines of 26 Filtered view
Bank Info Security 1 year, 8 months ago

Hacker Poses as Israeli Security Vendor to Deliver Wiper

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With MalwareCybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

Bank Info Security 1 year, 8 months ago

North Korean IT Scam Workers Shift to Extortion Tactics

Report Reveals North Korean Workers Expanding into Intellectual Property TheftNorth Korean threat actors posing as remote information technology workers are increasingly extorting ransom from Western companies after securing jobs under false pretenses, according to a new report from Secureworks' counter threat unit.

Bank Info Security 1 year, 8 months ago

Military Exercises Trigger Russian DDoS Attacks on Japan

Russian Actors Disrupt Websites of Political Party, Business and Government GroupsPlans by Japan and U.S. to conduct military exercises near the coast of eastern Russia prompted Russia-linked threat actors to unleash a series of denial-of-service attacks this week against a dozen websites in Japan including the majority political party, business groups and governments.

Advisory Warns Iranian Threat Actors Use 'Push Bombing' to Target Critical SectorsIranian cyber actors are increasingly using brute force techniques, such as password spraying and multifactor authentication push bombing, to target critical infrastructure sectors, according to a cybersecurity advisory released Wednesday by the Cybersecurity and Infrastructure Security Agency.

Loading more headlines...