PHP backdoor looks to be work of Chinese-linked APT group
Known as Glutton, researchers at QiAnXin’s XLab believe Winnti is responsible for the malware.
Advertisement
Showing 10 of 24 results
-
A hacker with China’s national flag in background. (Getty Images) Government -
Turla was able bypass traditional security measures and gain long-term access to Ukrainian military networks. (Getty Images) Cybersecurity Turla living off other cybercriminals’ tools in order to attack Ukrainian targets
A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed. This clandestine approach, which is the second time in as many weeks that Microsoft has highlighted the group’s effort, shows how Turla uses a wide range of attack […]
-
The Russian flag flies over the country’s embassy in Washington, D.C., on Feb. 16, 2024. (Photo by Brendan SMIALOWSKI / AFP) Government Russian-linked Turla caught using Pakistani APT infrastructure for espionage
Both Microsoft and Lumen’s BlackLotus Labs found Turla spying on Afghanistan and India via Pakistani infrastructure.
-
Belarus’ President Alexander Lukashenko meets with foreign media at his residence, the Independence Palace, in the capital Minsk on July 6, 2023. (Photo by ALEXANDER NEMENOV/AFP via Getty Images) Threats Hackers with links to Pro-Russian groups compromised foreign embassies in Belarus, researchers say
The work has been carried out by a newly identified group dubbed “MustachedBouncer,” according to researchers with ESET.
-
U.S. Attorney General Merrick Garland at a press conference on Jan. 26 in Washington. (Photo by Kevin Dietsch/Getty Images) Geopolitics FBI disrupts sophisticated Russian cyberespionage operation
A law enforcement effort dubbed “Medusa” targeted malware deployed by Moscow’s Federal Security Service, officials said Tuesday.
-
A woman works on a laptop inside a “Point of Invincibility” — gathering points providing alternative sources of heating, mobile communication and internet access — on November 28, 2022 in Lviv, Ukraine. (Stanislav Ivanov/Global Images Ukraine via Getty Images) Threats Notorious Russian hacking group appears to resurface with fresh cyberattacks on Ukraine
The group’s first known activity in Ukraine after Russia’s invasion registered dormant domains in order to obscure their attacks.
-
Ukrainian security forces stand guard with shell-damaged buildings in the background in the northwestern Kyiv suburb of Borodyanka, Ukraine, on April 21, 2022. (Photo by Scott Peterson/Getty Images) Threats Multiple government hacking groups stay busy targeting Ukraine and the region, Google researchers say
Multiple ongoing hacking efforts are either connected to or using the Russian military assault to target a wide range of entities.
-
(Getty Images) Technology Fake job listings help suspected Iranian hackers aim at targets in Lebanon
They’re using fake job documents to target victims.
-
The SolarWinds logo. Technology SolarWinds details stealthy code used to launch hacking campaign
The discovery adds to the public understanding of one of the most complex digital espionage operations in recent memory.
-
Lubyanka Building – headquarters of the Federal Security Service (FSB) in Moscow, Russia (Getty Images) Government Kaspersky discovers overlap between SolarWinds hack, Turla
The overlap isn’t totally definitive, researchers say.