Kaspersky researchers discuss how a targeted campaign against Android users in Southeast Asia relied on spyware apps that snuck onto official app marketplaces such as Google Play.
The US government is warning of continued attacks from groups associated with the North Korean government.
APT41, an attack group connected to China, has been running a broad campaign using public exploits and flaws to target companies in 20 countries.
While helping a customer deal with a state-sponsored attack group which had been stealing data and email for about eight months, Microsoft’s incident response team uncovered five other threat actors operating simultaneously on the network.
Microsoft took over 50 domains used by threat actors known as Thallium, which the company says are operating from North Korea.