We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that began in March. We also show the infection routines of the malware families they use to infect multiple sectors worldwide: TONEINS, TONESHELL, and PUBLOAD.
Related Post
- April 22, 2025
GCP Cloud Composer Bug Let Attackers Elevate Access
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate
- April 22, 2025
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints,
- April 22, 2025
Phishers Exploit Google Sites and DKIM Replay to
In what has been described as an “extremely sophisticated phishing attack,” threat actors have leveraged an uncommon approach that allowed
- April 22, 2025
Microsoft Secures MSA Signing with Azure Confidential VMs
Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs)