Source code for BlackLotus Windows UEFI malware leaked on GitHub
The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused…
Chinese APT Cracks Microsoft Outlook Emails at 25 Government Agencies
Foreign state-sponsored actors likely had access to privileged state emails for weeks, thanks to a token validation vulnerability.
Charming Kitten hackers use new ‘NokNok’ malware for macOS
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that…
Israel Aided UAE in Defending Against DDoS Attack
Israel's cyber head points finger at Iran-backed MuddyWater APT group as the perpetrator of a recent attack against a university.
Hackers target European government entities in SmugX campaign
A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and…
Iran-Linked APT35 Targets Israeli Media With Upgraded Spear-Phishing Tools
The APT35 group (aka Charming Kitten), have added backdoor capabilities to their spear-phishing payloads — and targeted an Israeli reporter…
CISA Wants Exposed Government Devices Remediated In 14 Days
Though government agencies have hundreds of devices exposed to the open Internet, experts wonder if CISA is moving at the…
20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks
The notorious APT15 used common malware tools and a third-generation custom "Graphican" backdoor to continue its information gathering exploits, this…
Russian APT ‘Cadet Blizzard’ Behind Ukraine Wiper Attacks
Microsoft says Cadet Blizzard wielded a custom wiper malware in the weeks leading up to Russia's invasion of Ukraine, and…
‘Stealth Soldier’ Attacks Target Libyan Government Entities With Surveillance Malware
Surveillance malware targets Libyan government entities, with possible links to a 2019 Egypt attack campaign.