Back in 2024, Kaspersky researchers gave a brief description of a complex cyberespionage campaign that we dubbed “PassiveNeuron”. This campaign involved compromising the servers of government organizations with previously unknown APT implants, named “Neursite” and “NeuralExecutor”.
However, since its discovery, the PassiveNeuron campaign has been shrouded in mystery. For instance, it remained unclear how the implants in question were deployed or what actor was behind them. After the researchers detected this campaign and prevented its spreading back in June 2024, they did not see any further malware deployments linked to PassiveNeuron for quite a long time, about six months. However, since December 2024, Kaspersky researchers have observed a new wave of infections related to PassiveNeuron, with the latest ones dating back to August 2025.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Don’t Click Twice – New Chrome, Edge, Safari Hack Attack Warning
January 5, 2025
Hundreds of millions of web users have been warned about a new and dangerous cyber attack that doesn’t care what browser you use—as long as you click twice. Here’s everything you need to know about the double-clickjacking hack attack. Application security and client-side offensive exploit researcher Paulos Yibelo, with a long history of discovering vulnerabilities and ...
- What We Know About CVE-2024-49112 and CVE-2024-49113
January 4, 2025
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score. This blog entry provides an overview of these two vulnerabilities and includes information that ...
- A Windows filetype update may have complicated cyber threat detection efforts
January 4, 2025
The use of archive files as malware delivery mechanisms is evolving, presenting challenges for Secure Email Gateways (SEGs), new research has claimed. A recent report by Cofense highlights how cybercriminals exploit various archive formats to bypass security protocols, particularly following a significant update to Windows in late 2023. Traditionally, .zip files have been the most common ...
- Top AI Trends from 2024 – A Look Back
January 3, 2025
2024 may go down as the year AI stopped being a technological novelty and became—more consequentially—a Fact of Life. Big names like Microsoft, Salesforce, and Intuit built AI into mainstream enterprise solutions; specialized AI apps and services sprung up for everything from copywriting to data analysis; and governments, think tanks, and regulators poured effort into ...
- Nigeria, South Africa, Algeria top targets for cyber attacks in 2024
January 1, 2025
In the first half of 2024, Nigeria saw 2,721 incidents, with the telecom sector, computer services sector, Data processing and hosting companies, and even local beauty salons having a fair dose of the attacks respectively. At the time, experts attributed the rise in cyberattacks to digital transformation initiatives the country was carrying out such as adoption ...
- Thomas Cook India website goes down after cyberattack
January 1, 2025
Thomas Cook India has announced that its IT infrastructure is under a cyberattack. The travel services provider also said it’s working with security experts to investigate the incident and will take necessary remedial actions. The company stated that it promptly took steps to investigate and respond upon discovering the incident, including shutting down affected systems. The company’s ...