SEARCH
Archive
Cobalt Mirage Actors Deploying Drokbk Malware in Recent Campaigns
The Iranian Cobalt Mirage threat group has been using the Drokbk malware in recent intrusions and employing GitHub repositories as dead drop resolvers.
North Korean APT37 Used Internet Explorer Zero Day
A North Korean state-backed actor known for targeting South Korean victims recently used an Internet Explorer zero day (CVE-2022-41128).
APTs Stole Sensitive Data From Defense Industrial Base Facility
The FBI, NSA and CISA are highlighting IoCs and TTPs used in an attack on a defense industrial base organization that leveraged compromised credentials, a custom data exfiltration tool and the Impacket open-source toolkit.
New Metador APT Discovered Targeting ISPs, Telcos
Researchers have discovered a new APT actor called Metador that has been targeting ISPs, telcos, and universities in the Middle East and Africa.
Iranian APT Targets Email Credentials in Espionage Attacks
APT42 is creative in its social engineering efforts and steals credentials and MFA authentication codes in order to compromise targets and conduct espionage.