APT Archives

A man talks on the phone walking along Red Square in front of St. Basil’s Cathedral in central Moscow on February 28, 2023. (Photo by Alexander NEMENOV / AFP) (Photo by ALEXANDER NEMENOV/AFP via Getty Images)

New Russian state-sponsored APT quickly gains global reach, hitting expansive targets

Laundry Bear, a group recently identified by Dutch intelligence and security services, stole work-related contact details on the Netherlands’ national police force in September 2024, Microsoft researchers…

May 27, 2025 By Matt Kapko

Attacks on industrial organizations soared by 87% last year, while the number of ransomware groups impacting the OT/ICS space jumped 60%, according to cybersecurity firm Dragos. (Image Source: Getty Images)

Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors

States are increasingly collaborating with cybercriminal groups to share resources and amplify attacks on critical infrastructure in rival nations, a new report finds.

Feb 25, 2025 By Derek B. Johnson

Treasury officials were notified by BeyondTrust on Dec. 8 that “a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices end users.” (Image Via Getty)

Treasury workstations hacked by China-linked threat actors

According to a letter sent to Senate leaders and obtained by CyberScoop, the compromises occurred through third-party software provider BeyondTrust, which provides identity and access management security…

Dec 30, 2024 By Derek B. Johnson

North Korean hacking group makes waves to gain Mandiant, FBI spotlight

The newly designated APT45 pursues military intelligence but has been expanding its targets, Mandiant says.

Jul 25, 2024 By Tim Starks

Microsoft CEO Satya Nadella (R) greets OpenAI CEO Sam Altman during the OpenAI DevDay event on November 06, 2023 in San Francisco, California. (Photo by Justin Sullivan/Getty Images)

State-backed hackers are experimenting with OpenAI models

Microsoft and OpenAI say hackers from China, Iran, North Korea and Russia are exploring the use of large language models in their operations.

Feb 14, 2024 By Elias Groll