We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.
Related Post
- April 22, 2025
Docker Malware Exploits Teneo Web3 Node to Earn
Cybersecurity researchers have detailed a malware campaign that’s targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The
- April 22, 2025
GCP Cloud Composer Bug Let Attackers Elevate Access
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate
- April 22, 2025
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints,
- April 22, 2025
Phishers Exploit Google Sites and DKIM Replay to
In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed