New MQsTTang Backdoor from Mustang Panda Targets Political and Governmental Organizations
Threat Level Attack Report. Follow Hive Pro for a detailed threat advisory; download the PDF file from HiveForce Labs. Summary: A new custom backdoor called MQsTTang has been attributed to the Mustang Panda APT group. This backdoor is part of an ongoing campaign that began …
Snip3 Crypter an Advanced RAT Loader Targeting Multiple Industries
Threat Level Attack Report. Summary: A multi-stage remote access trojan (RAT) loader called Snip3 crypter was recently discovered deploying RAT families, including QuasarRAT and DcRAT, to target victims across multiple …
A New APT named APT-C-61 Targets South Asia
Threat Level Actor Report. Summary: APT-C-61, also known as Tengyun Snake, is an advanced persistent threat (APT) group that has been active since at least January 2020 in South Asia. …
Iron Tiger APT Group Updates SysUpdate Malware to Target Linux Platforms
Threat Level Attack Report. Summary: The Iron Tiger group, also known as APT27, updated its custom malware, SysUpdate, to target Linux platforms and evade security solutions. They specifically targeted a vulnerability in …
ParallaxRAT targets cryptocurrency organizations through phishing emails
Threat Level Attack Report. Summary: ParallaxRAT is a remote access Trojan (RAT) that has been distributed through phishing emails since December 2019. Recently, ParallaxRAT has been targeting cryptocurrency organizations. The …
Highly Sophisticated SCARLETEEL Cloud Attack That Stole Proprietary Data
Threat Level Attack Report. Summary: The SCARLETEEL attack was a highly sophisticated cloud operation that involved the theft of proprietary data by exploiting a compromised Kubernetes container, escalating privileges into …
Blackfly Chinese APT targets Asian conglomerate in materials sector
Threat Level Actor Report. Summary: The Blackfly espionage group, also known as APT41, Winnti Group, or Bronze Atlas, has been targeting multiple subsidiaries of an Asian conglomerate operating in the …
Malicious DPRK Actors Target the Healthcare Industry in the US & South Korea
Threat Level Attack Report. Summary: State-sponsored malicious actors from the Democratic People’s Republic of Korea (DPRK) have carried out a ransomware attack against the healthcare systems of South Korea and …
TA866 New Financially-Motivated Threat Actor Targeting US and Germany Organizations
Threat Level Actor Report. Summary: A new financially motivated threat actor named TA866 has been active since October 2022 and targets organizations in the United States and Germany. The attack …
AgentTesla Trojan Returns with Phishing Campaigns Using GuLoader to Steal Secrets
Threat Level Attack Report. Summary: The AgentTesla Trojan continues to pose a threat as attackers use GuLoader to deliver it in new phishing campaigns targeting various industries and countries. …