apt
THREAT-ACTOR - FIN7: A Persistent Cyber Threat with Evolving Tactics
Their primary motivation is financial gain, focusing on sectors rich in valuable data and assets...
iran
RESEARCH: Top Iranian Threat Actors in 2024 -- Who's Charming your Kitten?
Fox Kitten is identified as the most significant threat due to its extensive involvement in ransomware attacks and its ability to monetize access to compromised networks. The group has been active since 2017...
north-korea
Countering the Threat of North Korean IT Workers: Advanced Detection and Response Strategies
This article explores the tactics employed by North Korean IT workers, the risks they pose, and advanced threat detection tools and incident response plans tailored to counter their activities.
breach
BREACH: CMS -- Your DollarBucks at Work
The recent CMS (Centers for Medicare & Medicaid Services) data breach is a significant cybersecurity incident that has impacted nearly one million Medicare beneficiaries.
threat-actors
THREAT ACTOR: Vanilla Tempest
This group has been observed deploying various ransomware families and utilizing sophisticated techniques to evade detection and maximize their impact...
fraud
RESEARCH: Top 5 Fraud as a Service ('FAAS') services in 2024
Fraud-as-a-Service (FaaS) is a growing segment of cybercrime where cybercriminals offer fraud-related services to other criminals..
apt
THREAT ACTOR: Mustang Panda
Mustang Panda is a well-known cyber espionage group believed to be based in China. The group is notorious for targeting government entities, non-governmental organizations (NGOs), and private sector organizations, primarily through spear-phishing campaigns and custom malware.
2024
RESEARCH: DPRK 'IT' Workers
These workers often operate globally, leveraging their positions to further the objectives of the North Korean government and its cyber warfare units..
threat-actors
THREAT ACTOR: APT45 ('Onyx Sleet')
Onyx Sleet, also known by aliases such as Andariel, Plutonium, and Silent Chollima, is a North Korean cyber threat actor involved in cyber espionage and targeting critical sectors, including nuclear technology.
kematian-stealer
RESEARCH: Kematian Stealer
This malware is designed to covertly exfiltrate sensitive data from infected systems.. Great- github is hosting more malware. awesome.
orb-networks
RESEARCH: IoCs are dead. Long Live IoCs.
Orb networks, also known as Operational Relay Box (ORB) networks, are sophisticated proxy networks used by APT groups, particularly Chinese cyber-espionage actors, to obfuscate their activities and evade detection.
rootkit
RESEARCH: Top 3 rootkits for Windows 11
Rootkits are a particularly insidious type of malware designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.