APT

Cyber actors continue to exploit Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon Systems (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) warns that cyber actors continue to exploit the Log4Shell vulnerability (CVE-2021-44228) in VMware Horizon systems.

Deep Panda APT group launches new attacks against Log4Shell vulnerability to install Fire Chili rootkits

In the past month, researchers from FortiLabs have detected a new cyber campaign in which the Chinese Advanced Persistent Threat (APT) group Deep Panda exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.

CISA and FBI alert: Attackers actively exploiting vulnerability in Zoho ManageEngine ServiceDesk Plus

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint advisory warning that attackers are actively exploiting a vulnerability, CVE-2021-44077, in Zoho ManageEngine ServiceDesk Plus.

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities

Iranian state-sponsored advanced persistent threat (APT) actors have been targeting and exploiting Microsoft Exchange and Fortinet vulnerabilities.

APT group ChamelGang targets Russian Energy and Aviation industries, 9 other countries

A new advanced persistent threat (APT) group dubbed ChamelGang has been targeting Russian Energy and Aviation industries, as well as entities in 9 other countries.

U.S. government releases advisories and indictments related to “sophisticated Chinese state-sponsored activity”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) have observed “sophisticated Chinese state-sponsored activity” targeting multiple public and private sectors in the United States.

New Supernova malware analysis reveals new APT cyberattack methods against vulnerable SolarWinds infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) has published a new analysis report on Supernova malware used in a cyberattack and long-term compromise of an entity’s network and SolarWinds systems.

FBI and CISA warn of Fortinet FortiOS vulnerability exploits

Cybersecurity experts from the FBI and CISA have issued a joint cybersecurity advisory warning of APT exploits of Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2019-5591 and CVE-2020-12812.
