Found 17 bookmarks
Custom sorting
APT41 Has Arisen From the DUST
APT41 Has Arisen From the DUST
  • In collaboration with Google’s Threat Analysis Group (TAG), Mandiant has observed a sustained campaign by the advanced persistent threat group APT41 targeting and successfully compromising multiple organizations operating within the global shipping and logistics, media and entertainment, technology, and automotive sectors. The majority of organizations were operating in Italy, Spain, Taiwan, Thailand, Turkey, and the United Kingdom. APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since 2023, enabling them to extract sensitive data over an extended period. APT41 used a combination of ANTSWORD and BLUEBEAM web shells for the execution of DUSTPAN to execute BEACON backdoor for command-and-control communication. Later in the intrusion, APT41 leveraged DUSTTRAP, which would lead to hands-on keyboard activity. APT41 used publicly available tools SQLULDR2 for copying data from databases and PINEGROVE to exfiltrate data to Microsoft OneDrive
#Mandiant#EN#2024#APT41#Italy#Spain#Taiwan#Thailand#Turkey#UK#dustpan#BEACON#DUSTTRAP
·cloud.google.com·
APT41 Has Arisen From the DUST
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
The (Not so) Secret War on Discord
The (Not so) Secret War on Discord
CyberArk Labs discovered a new malware called Vare that is distributed over the popular chatting service, Discord. Vare has been used to target new malware operators by using social engineering tactics on them. Additionally, we have found that Vare uses Discord’s infrastructure as a backbone for its operations. This malware is linked to a new group called “Kurdistan 4455” based out of southern Turkey and is still early in its forming stage.
#cyberark#EN#2023#Discord#Vare#malware#Kurdistan4455#Turkey
·cyberark.com·
The (Not so) Secret War on Discord
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under the MuddyWater umbrella of APT groups. U.S. Cyber Command recently connected MuddyWater to Iran's Ministry of Intelligence and Security (MOIS).
#talosintelligence#Iranian#EN#2022#APT#research#MuddyWater#Turkey#SloughRAT#RAT
·blog.talosintelligence.com·
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups