Back in 2024, Kaspersky researchers gave a brief description of a complex cyberespionage campaign that we dubbed “PassiveNeuron”. This campaign involved compromising the servers of government organizations with previously unknown APT implants, named “Neursite” and “NeuralExecutor”.
However, since its discovery, the PassiveNeuron campaign has been shrouded in mystery. For instance, it remained unclear how the implants in question were deployed or what actor was behind them. After the researchers detected this campaign and prevented its spreading back in June 2024, they did not see any further malware deployments linked to PassiveNeuron for quite a long time, about six months. However, since December 2024, Kaspersky researchers have observed a new wave of infections related to PassiveNeuron, with the latest ones dating back to August 2025.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- AI-supported spear phishing fools more than 50% of targets
January 7, 2025
One of the first things everyone predicted when artificial intelligence (AI) became more commonplace was that it would assist cybercriminals in making their phishing campaigns more effective. Now, researchers have conducted a scientific study into the effectiveness of AI supported spear phishing, and the results line up with everyone’s expectations: AI is making it easier to ...
- Italian digital identity provider suffers data breach, 5.5M customers affected
January 7, 2025
InfoCert has had millions of its customers’ personal data stolen and put up for sale. A leading European certification authority and provider of digital identity services such as Italy’s SPID (Public Digital Identity System), InfoCert posted a public notice on its website detailing the data breach on December 27. However, the notice has since been taken ...
- ICAO ‘investigating’ security breach after hacker claims theft of personal data
January 7, 2025
UN aviation agency ‘investigating’ security breach after hacker claims theft of personal data The International Civil Aviation Organization (ICAO), a United Nations agency that defines international operating standards for civil aviation, has confirmed it’s investigating a cybersecurity incident. In a statement published on Monday, ICAO said it is “actively investigating reports of a potential information security ...
- Multiple Vulnerabilities in Redis
January 7, 2025
Two security advisories have been released to address two vulnerabilities in Redis. Redis is a popular in-memory key-value database that persists on disk. CVE-2024-46981 is a ‘use after free’ vulnerability with a CVSSv3 score of 7.0. If exploited, an authenticated attacker could use a specially crafted Lua script to achieve remote code execution. CVE-2024-51741 is an ...
- EAGERBEE, with updated and novel components, targets the Middle East
January 6, 2025
In recent investigation into the EAGERBEE backdoor, kaspersky researchers found that it was being deployed at ISPs and governmental entities in the Middle East. The researchers analysis uncovered new components used in these attacks, including a novel service injector designed to inject the backdoor into a running service. Additionally, Kaspersky team discovered previously undocumented components (plugins) ...
- New Orleans attacker filmed visits to city weeks earlier, wore Meta smart glasses during attack
January 5, 2025
The New Orleans terrorist attacker visited the Louisiana city twice in the weeks before the attack and recorded video of the area using Meta smart glasses, the FBI revealed Sunday. Shamsud-Din Jabbar, 42, stayed at a rental home in New Orleans at the end of October and again in November, just weeks prior to his attack ...