Related Families: HTTPSnoop, PipeSnoop
Verticals Targeted: Telecommunications
Recent Posts
Related Families: Mandibule, Cobalt Strike, Trochilus, RedLeaves
Verticals Targeted: Government
Executive Summary
China nexus threat actor group Earth Lusca was observed using a Linux-based backdoor dubbed SprySOCKS to target government entities.
Verticals Targeted: Gambling, Hospitality, Recreation
Executive Summary
MGM Resorts International was the victim of a recent cyber attack that impacted several systems, including its website, reservations, and in-casino services such as ATMs, slot machines, and credit card machines. ALPHV has taken credit for the attack.
Verticals Targeted: Automotive, Communications, Engineering, Financial Services, Healthcare, Insurance, Legal, Manufacturing, Retail, Technology, Telecommunications
Executive Summary
Charming Kitten, an Iran nexus threat actor group, was recently observed using Sponsor backdoor to target at least 34 entities in Brazil, Israel, and UAE.
Related Families: Remcos RAT, Metasploit
Verticals Targeted: Manufacturing, Retail, Wholesale, Legal, Professional Services
Executive Summary
Mallox, also known as TargetCompany, FARGO, and Tohnichi, is a ransomware family targeting Windows systems, particularly unsecured MS-SQL servers, to compromise victim networks.
Executive Summary
Two GREF espionage campaigns used trojanized Android apps to deliver BadBazaar spyware variants.
Related Families: Korplug, PlugX
Executive Summary
In a recent campaign, Carderbee targeted entities in Hong Kong and other regions of Asia via a supply chain attack leveraging the legitimate Cobra DocGuard software.
Related Families: SKIPJACK, DEPTHCHARGE, FOXTROT, FOXGLOVE
Verticals Targeted: Government, Military, Defense, Aerospace, Technology, Telecommunications
Executive Summary
UNC4841 was observed using CVE-2023-2868 to target entities in multiple verticals, including government and military.