The Transparent Tribe APT has evolved its lures, expanded its victimology and added a new malware family to its arsenal.
The Naikon APT group, attributed to China, has been using a new backdoor known as Nebulae in attacks against military organizations in Asia.
A new China-aligned threat group known as UNC2630 is using a zero-day in Pulse Connect Secure VPN to breach government agencies and enterprises.
The Lazarus threat group is hiding its payloads in bitmap image (BMP) files, as seen in spear-phishing attacks targeting victims in South Korea.
The U.S. federal agency advisory on the active exploits of five flaws comes in tandem with the U.S. government formally attributing the SolarWinds supply-chain attack to Russian Foreign Intelligence Service (SVR) actors.