A cyber-espionage campaign was found targeting the Vietnamese military and government, as well as other sectors and some entities in Thailand and Central Asia. The campaign featured sophisticated techniques, as well as a new remote-access trojan (RAT) and spyware. Even with a lack of complete details, researchers managed to link the tactics, techniques, and procedures (TTPs) to a threat collective associated with the People’s Republic of China (PRC), and attributed it with low confidence to the “Cycldek” group. The campaign highlights the increasing technical sophistication of PRC-linked advanced persistent threat (APT) groups, problems with obfuscation and attribution, and the need to be aware of strategic and operational developments of these groups.