PassiveNeuron: a sophisticated campaign targeting servers of high-profile organizations


Back in 2024, Kaspersky researchers gave a brief description of a complex cyberespionage campaign that they dubbed “PassiveNeuron”. This campaign involved compromising the servers of government organizations with previously unknown APT implants, named “Neursite” and “NeuralExecutor”.

However, since its discovery, the PassiveNeuron campaign has been shrouded in mystery. For instance, it remained unclear how the implants in question were deployed or what actor was behind them. After the researchers detected this campaign and prevented it from spreading in June 2024, they did not see any further malware deployments linked to PassiveNeuron for about six months. Since December 2024, however, Kaspersky researchers have observed a new wave of infections related to PassiveNeuron, with the latest ones dating back to August 2025.

Source: Kaspersky

