Network attacks
-
Remote desktop AnyDesk hacked, user data security at risk!
AnyDesk, the well-known remote desktop software, has been hacked and some of its data compromised. The company has taken steps to fix the vulnerability and is advising users to reset their passwords and download the latest version of the software.
-
Agent Racoon malicious backdoor attacks organizations in the Middle East, Africa and other countries
"This malware family is written using the .NET framework and leverages the Domain Name Service (DNS) protocol to create...
-
Mantis: New tool used in attacks on Palestinian targets
Espionage groups invest time and effort in avoiding detection and persisting on compromised networks.
The Mantis cyber espionage group (aka Arid Viper, Desert Falcon, APT-C-23), a threat actor believed to operate within the Palestinian territories, is conducting ongoing attacks, deploying an updated toolset and sparing no effort to maintain a persistent presence on targeted networks.
The group is known for targeting organizations in the Middle East, but the recent activity discovered by Symantec, a subsidiary of Broadcom Software, is focused on organizations in the Palestinian territories. The malicious activity began in September 2022 and continued until at least February 2023. This kind of targeting is not unprecedented for the Mantis group, which was previously revealed to have attacked individuals located in the Palestinian territories in 2017.
-
New “HrServ.dll” Web Shell Detected in APT Attack Against Afghan Government
The latest analysis released by Kaspersky security researcher Mert Degirmenci shows that the Web Shell is a dynamic link library (DLL) named "hrserv.dll" with complex functions, such as custom encoding methods for client communication and memory execution. An investigation by the Russian cybersecurity firm Kaspersky found artifacts dating back to early 2021 based on their compilation timestamps...
-
Investigation report on the US NSA attack on Northwestern Polytechnical University in my country
Recently, Northwestern Polytechnical University issued a "Public Statement" stating that the school suffered from overseas cyber attacks. The Beilin Branch of the Public Security Bureau of Xi'an City, Shaanxi Province immediately issued a "Police Information Bulletin", confirming that a number of Trojan horse program samples originating from abroad were found in the information network of Northwestern Polytechnical University. The Xi'an police...
-
Thoughts on security protection after Google experienced APT attack
The following is adapted from remarks delivered by Global Affairs President Kent Walker at the 2022 Cybersecurity International Conference on July 19, 2022. Thank you for the opportunity to participate in this important conversation about cybersecurity. At Google, I…