Category: Cyber Security News

The new hacking group has added a customized version of the “Symatic Cobalt Strike” loader to their arsenal

A previously unknown APT (advanced persistent threat) group calling itself ‘Earth Longzhi’ targets organizations in East Asia, Southeast Asia, and Ukraine. The threat actors have been operational since at least 2020, using custom versions of Cobalt Strike loaders to plant persistent backdoors on victim employees’ devices. Earth Longzhi’s older campaign Trend Micro’s report

A mass-YouTube campaign targeting over 100 services to launch Info Stealer

Researchers have discovered large-scale phishing campaigns on YouTube presented as tutorials for downloading and installing cracked software and freemium products. The bypass trick associated with the information stealer video tutorial lures the viewers into believing the video is a scam for their desired software. We’ve seen very similar attempts in the past, downloading the Pennywise and Redline stealers.

A critical Azure Cosmos DB database flaw has been finally fixed by Microsoft

Researchers have found a significant security vulnerability affecting Cosmos DB, a Microsoft database service, which allows unauthenticated read-write access to one’s components. It was found in access to Azure Cosmos DB Jupyter Notebooks integrated with Azure’s web portal and subscribing to Cosmos DB accounts for the purpose of analyzing and querying

A hacker group compromised antivirus software to launch LODEINFO malware

The Chinese Cicada hacking group, publicly referred to as APT10, is responsible for targeting Japanese machines with LODEINFO malware. The targeted organizations included media outlets, diplomatic agencies, government organizations, and think tanks, which in China are of interest to organized international espionage. According to Kaspersky, the analysts have watched APT10’s activities in Japan since