APT – Page 2 – PossibleThreat Articles

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.

MalwareBytes Security

Cyber lures and threats in the context of the war in Ukraine

February 25, 2022 0 Comments APT, Ransomware, russia, threat intelligence, ukraine, war, wiper

Credit to Author: Threat Intelligence Team| Date: Fri, 25 Feb 2022 20:59:40 +0000

There are many uncertainties with Russia’s invasion and war in Ukraine. In this unpredictable environment, we detail previous, current and expected cyber threats to watch out for.

The post Cyber lures and threats in the context of the war in Ukraine appeared first on Malwarebytes Labs.

MalwareBytes Security

CISA warns of cyberespionage by Iranian APT “MuddyWater”

February 25, 2022 0 Comments APT, Awareness, cisa, csa, cybersecurity advisory, earth vetala, FBI, iranian apt, mercury, MFA, muddywater, ncsc, NSA, phishing, seedworm, static kitten, temp.zargos

Credit to Author: Malwarebytes Labs| Date: Fri, 25 Feb 2022 18:54:27 +0000

Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, an Iranian APT.

The post CISA warns of cyberespionage by Iranian APT “MuddyWater” appeared first on Malwarebytes Labs.

Security Sophos

Cyberthreats during Russian-Ukrainian tensions: what can we learn from history to be prepared?

February 22, 2022 0 Comments APT, blackenergy, cyber conflict, DDoS, disinformation, featured, geopolitics, russia, security operations, ukraine

Credit to Author: Chester Wisniewski| Date: Wed, 23 Feb 2022 04:04:23 +0000

A review of 15 years of activity designed to distract, confuse, deny, destablize, and divide

MalwareBytes Security

North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

February 2, 2022 0 Comments APT, github, lazarus, threat intelligence

Credit to Author: Threat Intelligence Team| Date: Thu, 27 Jan 2022 16:20:16 +0000

How one of North Korea’s most sophisticated APTs tries to avoid detection by using legitiate tools during its attacks.

Categories: Threat Intelligence

Tags: APT GitHub Lazarus

MalwareBytes Security

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

March 17, 2020 0 Comments APT, apt36, coronavirus, coronavirus malware, covid-19, credential stealer, crimson rat, Exploit, exploits, info-stealer, macro, malicious macro, malware, nation-state attack, rat, remote administration tool, Social engineering, spear phishing, spear phishing attack, Threat analysis, transparent tribe

Credit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Categories:

Threat analysis

Tags: APT APT36 coronavirus coronavirus malware covid-19 credential stealer crimson rat exploit exploits info-stealer macro malicious macro malware nation-state attack rat remote administration tool Social Engineering spear phishing spear phishing attack transparent tribe

MalwareBytes Security

Securing the MSP: why they’re their own worst enemy

February 14, 2020 0 Comments advanced persistent threat, advanced persistent threats, APT, breach, credential management, credentials, data breach, Hacking, managed service provider, msp, msps, Opinion, phishing

Credit to Author: William Tsing| Date: Thu, 30 Jan 2020 16:00:00 +0000

Behind each cyberattack on the MSP is typically a system left unpatched, asset management undone, security officer not hired, or board who sees investment in security as a cost center rather than a long-term investment.

Categories: