Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- Gun owners’ fears after Guntrader.uk data breach
July 23, 2021
Thousands of names and addresses belonging to UK customers of a leading website for buying and selling shotguns and rifles have been published to the dark web following a “security breach”. Guntrader.uk told the BBC it learned of the breach on Monday and had notified the Information Commissioner’s Office. Police, including the National Crime Agency, are investigating. Read ...
- Updated XCSSET Malware Targets Telegram, Other Apps
July 22, 2021
In the last update on the XCSSET campaign, security researchers at Trend Micro updated some of its features targeting latest macOS 11 (Big Sur). Since then, the campaign added more features to its toolset, which we have continually monitored. We have also discovered the mechanism used to steal information from various apps, a behavior that ...
- Industrial Networks Exposed Through Cloud-Based Operational Tech
July 22, 2021
The benefits of using a cloud-based management platform to monitor and configure industrial control systems (ICS) devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be used to paralyze operations if left unmitigated. An analysis by Claroty’s newly branded Team82 research team ...
- Kaseya obtains universal decryptor for REvil ransomware victims
July 22, 2021
Kaseya received a universal decryptor that allows victims of the July 2nd REvil ransomware attack to recover their files for free. On July 2nd, the REvil ransomware operation launched a massive attack by exploiting a zero-day vulnerability in the Kaseya VSA remote management application to encrypt approximately sixty managed service providers and an estimated 1,500 businesses. Read ...
- Attacks on critical infrastructure are dangerous. Soon they could turn deadly, warn analysts
July 22, 2021
Tech analyst firm Gartner reckons that hackers will have turned computer systems into weapons to the point that they could injure or kill humans by 2025, and that beyond the human tragedy it will cost businesses $50 billion to remediate across IT systems, litigation and compensation. Past malware attacks, such as Stuxnet, which is believed to ...
- NPM Package Steals Passwords via Chrome’s Account-Recovery Tool
July 21, 2021
A credentials-stealing code bomb that uses legitimate password-recovery tools in Google’s Chrome web browser was found lurking in the npm open-source code repository, waiting to be planted within the sprawling galaxy of apps that pull code from that source. Researchers caught the malware filching credentials from Chrome on Windows systems. The password-stealer is multifunctional: It also ...