Found 20 articles
Security Affairs
Researchers have uncovered a scheme involving the Lazarus APT group, linked to North Korea, utilizing remote IT workers to conduct cyber operations. This highlights the evolving tactics of cybercriminals and the ongoing threat posed by state-sponsored hacking groups. The investigation underscores the importance of vigilance in cybersecurity as these actors adapt to new methods of operation.
The article reports on a joint investigation revealing a remote IT worker infiltration scheme linked to North Korea's Lazarus Group. This scheme highlights the persistent threat posed by state-sponsored cyber actors, emphasizing the need for heightened awareness and security measures against such infiltration tactics.
APT31, a China-linked advanced persistent threat group, has been conducting stealthy cyberattacks on the Russian IT sector from 2024 to 2025, focusing on contractors and integrators for government agencies. These attacks have remained undetected for extended periods, raising concerns about the security of the targeted organizations.
The article discusses the ToddyCat APT attacks that target corporate email systems, highlighting the use of advanced tools like TomBerBil, TCSectorCopy, and XstReader. The severity of these attacks lies in their method of stealing access tokens from Outlook, posing significant risks to corporate security.
China's state-sponsored hackers, known as 'PlushDaemon', have developed a method to infect routers and hijack software updates, primarily targeting Chinese organizations. This sophisticated approach allows them to operate under the radar, posing a significant threat to cybersecurity within the region.