The FBI, NSA and CISA are highlighting IoCs and TTPs used in an attack on a defense industrial base organization that leveraged compromised credentials, a custom data exfiltration tool and the Impacket open-source toolkit.
Researchers have discovered a new APT actor called Metador that has been targeting ISPs, telcos, and universities in the Middle East and Africa.
APT42 is creative in its social engineering efforts and steals credentials and MFA codes in order to compromise targets and conduct espionage.
Meta said it took down the accounts linked to the APT attacks, blocked their domain infrastructure from being shared on its services and notified victims.
An APT group dubbed ToddyCat has emerged to target Exchange servers in organizations across Asia and Europe.