Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19.
The espionage-related attacks are characterized by the use of a stolen digital certificate issued by a Korean company called DEEPSoft to sign malicious artifacts deployed during the infection chain to evade detection.
“Almost all
Related Post
- September 19, 2024
This Windows PowerShell Phish Has Scary Potential
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who
- September 19, 2024
FBI Shuts Down Chinese Botnet
The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types
- September 19, 2024
New Brazilian-Linked SambaSpy Malware Targets Italian Users via
A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected
- September 19, 2024
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS)