After investigating the Deep Panda APT's recent exploitation attempts of the Log4j flaw, researchers uncovered a new kernel rootkit.
While increased research and information-sharing have improved the process of attribution, a complex threat landscape is also making it more difficult.
The U.S. government gave details on 17 MuddyWater samples and linked the threat group to the Iranian intelligence service.
The FBI is warning about an APT actor that is exploiting a zero-day flaw in the FatPipe software on several products, including MPVPN, WARP, and IPVPN.
The Lazarus group has recently been observed “building supply-chain attack capabilities” by targeting legitimate South Korean security software and an IT asset monitoring solution vendor.