Mind the (air) gap: GoldenJackal Targets Government Systems
New insights into GoldenJackal’s sophisticated toolsets, which have been used to carry out cyberespionage activities across Europe, South Asia, and the Middle East since 2019.

APT-C-00 OceanLotus Utilizes Advanced Dual Loader with VMP Protections
On September 23, 2024, the Advanced Threat Research Institute’s 360 Threat Intelligence Center released a detailed analysis of APT-C-00, also known as OceanLotus, a notorious advanced persistent threat (APT) group with suspected state backing.

Iranian Cyber Espionage Campaign Targets Swedish SMS Service in Data Breach
The attack targeted a Swedish company that manages a mass SMS service. According to a preliminary investigation led by the Swedish Security Police (Säkerhetspolisen), the breach was orchestrated by the Iranian Islamic Revolutionary Guard Corps (IRGC).

Russian State-Sponsored Mobile Threats: A Decade of Espionage and Surveillance
On September 22, 2024, @BushidoToken released a threat intelligence report uncovering a decade of underreported Russian mobile espionage campaigns targeting Android and iOS users.

UNC1860: Iran’s Stealthy Cyber Espionage Campaign Targets Middle East Networks
This persistent and sophisticated group has been targeting government and telecommunications networks across the Middle East with a focus on gaining long-term access for espionage and potential cyber attacks.

Fox Kitten APT Continues to Exploit U.S. and Foreign Organizations, New Infrastructure Revealed
Censys conducted an independent investigation of the IOC profiles mentioned in the FBI/CISA report. Their research identified new patterns in the threat group’s infrastructure that could indicate previously undetected hosts linked to Fox Kitten.

DPRK’s Python-based Intrusions Exploit Secured Networks Through Social Engineering
A recently analyzed attack, dubbed "VMConnect" by ReversingLabs, illustrates the DPRK’s evolving tactics, using Python code disguised as a coding challenge to deliver remote code execution (RCE) and steal data.