InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. The downloader communicates with C2 servers using DNS tunneling. Pierluigi Paganini.

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

MY TAKE: How advanced automation of threat intel sharing has quickened incident response

The Last Watchdog

military complex, who got frustrated by their inability to extract actionable intel from a deluge of threat feeds. There turned out to be a lot of limitations, as far as the amount of data coming in, what the teams were able to address, how the teams communicated and what collaboration actually looked like on those teams.”

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

PingPull was first spotted by Unit 42 in June 2022; the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. Experts also found PingPull variants that use HTTPS and TCP for C2 communications instead of ICMP. org over port 8443 for C2.

WinRAR CVE-2018-20250 flaw exploited in multiple campaigns

Security Affairs

The flaw is an “Absolute Path Traversal” issue in the library that could be exploited to execute arbitrary code by using a specially crafted file archive. The issue affects a third-party library, called UNACEV2.DLL, that is used by WinRAR; it resides in the way an old third-party library, called UNACEV2.DLL,

Exclusive: Pakistan and India to armaments: Operation Transparent Tribe is back 4 years later

Security Affairs

Operation Transparent Tribe was first spotted by Proofpoint researchers in Feb 2016, in a series of espionage operations against Indian diplomats and military personnel in some embassies in Saudi Arabia and Kazakhstan. The two DLLs are legitimate Windows libraries and are used in support of the malicious behaviour. Introduction.
