APT group

NSFOCUS Honored as a Representative Vendor in Gartner’s 2024 Market Guide for Security Threat Intelligence Products and Services
SANTA CLARA, Calif., August 21, 2024 – We are thrilled to announce that NSFOCUS has been recognized for the fourth consecutive year in Gartner’s esteemed 2024 Market Guide for Security Threat Intelligence ...

New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
Leveraging NSFOCUS’s Global Threat Hunting System, NSFOCUS Security Labs (NSL) captured an attack campaign targeting Azerbaijan and Israel on July 1, 2024. By analyzing the tactics, attack vectors, weapons, and infrastructure ...

TransparentTribe’s Spear-Phishing Targeting Indian Government Departments
Leveraging our global threat hunting system, NSFOCUS Security Research Labs discovered spear-phishing email attacks by the APT group TransparentTribe targeting Indian government departments on February 2, 2024. The timing of these ...

The New APT Group DarkCasino and the Global Surge in WinRAR 0-Day Exploits
In 2022, NSFOCUS Research Labs revealed a large-scale APT attack campaign called DarkCasino and identified an active, dangerous and aggressive threat actor. By continuously tracking and in-depth study of the attacker’s ...

APT Group DarkPink Exploits WinRAR 0-Day to Target Multiple Entities in Vietnam and Malaysia
NSFOCUS Security Labs has been continuously monitoring the newly discovered WinRAR 0-day vulnerability, CVE-2023-38831. It has come to our attention that the advanced persistent threat group known as DarkPink has recently ...

North Korean APT Group Targets Academia via Malicious Chrome Extensions
Security researchers have uncovered an APT group with possible ties to North Korea that has targeted academic institutions since May. The group, dubbed Stolen Pencil by researchers from Netscout, sends spear-phishing emails ...

BlackEnergy Successor Hits Energy Companies Since 2015
For the past three years, a stealthy cyberespionage group has been targeting energy companies, primarily from Poland and Ukraine, using a new malware framework dubbed GreyEnergy. GreyEnergy is a modular malware platform ...

Backdoor Links 2016 Ukrainian Blackout to Sandworm APT and NotPetya
Analysis of a new backdoor program allowed malware researchers to establish clear links between the cyberattacks that led to power outages in Ukraine in 2015 and 2016 and the NotPetya ransomware outbreak ...