Attacks, Threats, and Vulnerabilities
Chinese Cyberespionage Bootcamps Training Recruits in the Art of Supply Chain Attacks for Over a Decade (Yahoo Finance) New report from Venafi shows Chinese threat actors targeting code signing certificates for use in software supply chain attacks
(Venafi) Learn about the infamous APT41 group and why they are abusing code signing keys and certificates as powerful weapons to steal and exploit data. Find out which industries are they targeting, the anatomy of their attack and who’s really behind them.
Group-IB report: “RedCurl. The pentest you didn’t know about” (Group-IB) Research of the new espionage APT-group RedCurl and its elaborate attacks on enterprise companies in North America, Europe and CIS
RedCurl hacking group returns with new attacks (The Record by Recorded Future) Even after its operations were publicly exposed in August 2020, the RedCurl hacking group has continued to carry out new intrusions and has breached at least four companies this year, according to a new report from security firm Group-IB.
Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities (The Hacker News) Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities
Previously unreported North Korean espionage part of busy 2021 for country’s hackers (CyberScoop) A North Korean cyber espionage group known primarily for targeting think tanks, advocacy groups, journalists and others related to Pyongyang’s adversaries around the world has been quite prolific in 2021, according to email security firm Proofpoint.
State-sponsored North Korean hackers responsible for blitz of attacks in 2021 (The Record by Recorded Future) Suspected government-backed hackers from North Korea launched…