New SPIKEDWINE APT group is targeting officials in Europe

Security Affairs

The ZIP archive contains an HTA file named wine.hta that contains obfuscated JavaScript code. The campaign is characterized by its very low volume and the advanced tactics, techniques, and procedures (TTPs) employed by the threat actors.

New ransomware group Hive leaks Altus group sample files

Security Affairs

On June 14th, Altus Group, a commercial real estate software solutions firm, disclosed a security breach; the Hive ransomware gang has now leaked its files. Altus Group has been informed about the new development.

Cyclops Ransomware group offers a multiplatform Info Stealer

Security Affairs

The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. In an unprecedented move, the group is also offering a separate information-stealer malware that can be used to steal sensitive data from infected systems.

New PowerExchange Backdoor linked to an Iranian APT group

Security Affairs

An alleged Iran-linked APT group targeted an organization linked to the United Arab Emirates (U.A.E.) with the new PowerExchange backdoor. The experts speculate that the backdoor is likely linked to an Iran-linked APT group.

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

China-linked APT group APT41 has been observed using two previously undocumented pieces of Android spyware called WyrmSpy and DragonEgg.

New KilllSomeOne APT group leverages DLL side-loading

Security Affairs

A new Chinese APT group, tracked as KilllSomeOne, was spotted by researchers at Sophos. The advanced cyber-espionage group is targeting corporate organizations in Myanmar with DLL side-loading attacks.

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

Symantec researchers reported that cyberespionage group APT41 targeted organizations in Hong Kong in a campaign that is a likely continuation of the Operation CuckooBees activity detailed by Cybereason in May. Winnti (aka APT41, Axiom, Barium, Blackfly) is a cyberespionage group that has been active since at least 2007.