Remove Libraries Remove Military Remove Tools
article thumbnail

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda , Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing.

Military 122
article thumbnail

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. Pierluigi Paganini. SecurityAffairs – hacking, InvisiMole).

Military 125
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

The payload includes a dynamic-link library (vpn.sessings) that injects the post-exploitation tool Cobalt Strike Beacon into memory and awaits commands from the C2 server. “The lure contained military-related content, suggesting it was targeting military personnel. But the domain names weavesilk[.]space

Military 138
article thumbnail

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018.

Archiving 135
article thumbnail

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. Gallmaker is a politically motivated APT group that focused its surgical operations on the government, military or defense sectors. ” concluded Symantec.

Military 108
article thumbnail

XDSpy APT remained undetected since at least 2011

Security Affairs

The APT group, recently discovered by ESET, targeted government and private companies in Belarus, Moldova, Russia, Serbia, and Ukraine, including militaries and Ministries of Foreign Affairs. The tools in the arsenal of the XDSpy APT are quite basic, although efficient, their primary tool is a downloader dubbed named XDDown.

Military 144
article thumbnail

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033. However, the attackers chose a domain name that gives the impression of a connection to the South African military. org over port 8443 for C2. Experts added that the IP 196.216.136[.]139 softether[.]net