The China-aligned APT (advanced persistent threat) group known as Bronze Starlight was seen targeting the Southeast Asian gambling industry with malware signed with a valid certificate used by the Ivacy VPN provider.
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks.
Hackers are abusing the Windows Problem Reporting (WerFault.exe) error reporting tool to load malware into a compromised system's memory using a DLL sideloading technique.
By Ionut Arghire on April 05, 2021
China-linked cyber-espionage group Cycldek is showing increasing sophistication in a series of recent attacks targeting government and military entities in Vietnam, according to a report from anti-malware vendor Kaspersky.
Active since at least 2013 and also referred to as Goblin Panda and Conimes, Cycldek is known for actively targeting governments in Southeast Asia and for its preference for targets in Vietnam.
In June last year, the group was revealed to have used a piece of custom malware to exfiltrate data from air-gapped systems, a clear sign of evolution for a group considered less sophisticated. The more recent attacks, Kaspersky says, show a further increase in sophistication.