APT-C-36

APT-C-36 is a suspected South America espionage group that has been active since at least 2018. The group mainly targets Colombian government institutions as well as important corporations in the financial sector, petroleum industry, and professional manufacturing.

This Cyber News was published on attack.mitre.org. Publication date: Thu, 07 Dec 2023 22:12:07 +0000

Cyber News related to APT-C-36

What is an advanced persistent threat? - An advanced persistent threat is a prolonged and targeted cyber attack in which an intruder gains access to a network and remains undetected for an extended period. APT attacks are initiated to steal highly sensitive data rather than cause damage to ...
2 years ago Techtarget.com Cozy Bear APT29

CVE-2020-5202 - apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit ...
3 years ago

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence - North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. “Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a ...
1 year ago Securityaffairs.com Kimsuky

Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
2 years ago Securityweek.com

CVE-2020-27350 - APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 ...
3 years ago

ESET APT Activity Report T3 2022 - ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022. In the monitored timespan, ...
2 years ago Welivesecurity.com MuddyWater Mustang Panda POLONIUM

Signature Techniques of Asian APT Groups Revealed - The Kaspersky Cyber Threat Intelligence team has unveiled crucial insights into the tactics, techniques and procedures employed by Asian Advanced Persistent Threat groups. The 370-page report, Modern Asian APT groups: Tactics, Techniques and ...
2 years ago Infosecurity-magazine.com

Russian hackers target unpatched JetBrains TeamCity servers - Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. APT 29, believed to ...
2 years ago Helpnetsecurity.com CVE-2023-42793 Andariel

Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs - Russia-sponsored advanced persistent threat group Turla is now targeting Polish NGOs in a cyberespionage campaign that uses a freshly developed backdoor with modular capabilities, signaling an expansion of the scope of its attacks against supporters ...
1 year ago Darkreading.com Turla

Chinese APT Hackers Using Proxy and VPN to Evade Detection - Chinese APT (Advanced Persistent Threat) hacker groups have increasingly adopted the use of proxies and VPNs to mask their activities and evade detection by cybersecurity defenses. These threat actors leverage these tools to anonymize their network ...
3 months ago Cybersecuritynews.com Chinese APT groups

Mysterious Elephant APT Hackers Infiltrate Organization - The recent cyberattack by the Mysterious Elephant APT group has raised significant concerns in the cybersecurity community. This advanced persistent threat (APT) group successfully infiltrated a major organization, demonstrating sophisticated tactics ...
2 months ago Cybersecuritynews.com CVE-2023-34527 CVE-2023-28252 Mysterious Elephant

Harmony Horizon Bridge and Lazarus APT Activities Revealed - SecurityAffairs recently shed light on a report by FireEye security researchers about the activities of the Harmony Horizon Bridge and Lazarus APTs. The report includes a new variant of the Bridge malware named “Ovorum”, as well as the TVShow ...
2 years ago Securityaffairs.com

Dragonspark APT Targets East Asia with Malware - The Dragonspark Advanced Persistent Threat (APT) has recently been detected targeting East Asia with malware and other malicious programs. Dragonspark is believed to be an organized hacker group – possibly based in China – that is actively ...
2 years ago Securityaffairs.com

CVE-2009-1358 - apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick ...
5 years ago

Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over - Prolific Iranian advanced persistent threat group OilRig has repeatedly targeted several Israeli organizations throughout 2022 in cyberattacks that were notable for leveraging a series of custom downloaders that use legitimate Microsoft cloud ...
2 years ago Darkreading.com OilRig

Sandworm APT targets Ukraine with new SwiftSlicer wiper - Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The ...
2 years ago Securityaffairs.com

State-Sponsored APT Groups Use Ransomware Tactics for Intelligence Gathering and Sabotage - State-sponsored threat groups are increasingly using ransomware-like tactics to hide more insidious activities. Russian APT group Sandworm has used ransomware programs to destroy data multiple times in the past six months, while North Korea's Lazarus ...
2 years ago Csoonline.com Andariel APT3 APT37 APT38 Kimsuky Lazarus Group BianLian

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities - Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets. WinRAR vulnerabilities provide an entry point to manipulate compressed files, potentially executing malicious code on a victim's ...
2 years ago Gbhackers.com CVE-2023-23397 CVE-2023-38831 CVE-2023-32231

Chinese APT Hacks 48 Government Organizations - An advanced persistent threat actor likely operating on behalf of the Chinese government has compromised dozens of foreign government entities worldwide, Trend Micro reports. Referred to as Earth Krahang, the hacking group appears linked to Earth ...
1 year ago Securityweek.com Earth Lusca

FlyingYeti targets Ukraine using WinRAR exploit to drop Malware - MUST READ. FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Microsoft fixed two zero-day bugs exploited in malware attacks. ...
1 year ago Securityaffairs.com CVE-2022-38028 CVE-2024-0204 CVE-2023-46747 CVE-2023-46748 CVE-2023-20198 CVE-2023-38831 CVE-2023-38035 APT28 APT29

Chinese APT Group Targets IT Service Provider in Recent Cyber Espionage Campaign - A recent cyber espionage campaign has been uncovered involving a Chinese Advanced Persistent Threat (APT) group targeting an IT service provider. This attack highlights the increasing sophistication and persistence of state-sponsored threat actors in ...
2 months ago Cybersecuritynews.com Chinese APT Group

APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks - The Turla/Tomiris group has particularly refined this approach, utilizing infected USB drives containing industrial espionage tools that eventually deploy ransomware across entire fleet management networks, effectively holding maritime operations ...
4 months ago Cybersecuritynews.com Mustang Panda CVE-2022-22707 APT41 Turla

StripedFly malware framework infects 1 million Windows, Linux hosts - A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time. Kaspersky discovered the true nature of the ...
2 years ago Bleepingcomputer.com

CVE-2008-0302 - Untrusted search path vulnerability in apt-listchanges.py in apt-listchanges before 2.82 allows local users to execute arbitrary code via a malicious apt-listchanges program in the current working directory. ...
17 years ago