Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- Lazada confirms 1.1M accounts compromised in RedMart security breach
October 30, 2020
Singapore-based online grocery platform RedMart has suffered a data breach that compromised personal data of 1.1 million accounts. An individual has claimed to be in possession of the database involved in the breach, which contains various personal information such as mailing addresses, encrypted passwords, and partial credit card numbers. RedMart customers on Friday were logged out ...
- SMS Phishing Attempts Are Riding the Presidential Election Wave
October 30, 2020
SMS-based outreach has become a standard in the political playbook, with candidates and their supporters soliciting financial support, opinions, and votes through texting with increasing frequency and sophistication. In the course of protecting enterprise endpoints, Symantec, a division of Broadcom, has turned up evidence of an increasingly prevalent scam tactic in the run-up to the ...
- CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT
October 29, 2020
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense Cyber National Mission Force (CNMF) have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat (APT) actor Turla. In addition, U.S. Cyber Command has released the malware sample to the malware aggregation tool and ...
- Oracle WebLogic Server RCE Flaw Under Active Attack
October 29, 2020
If an organization hasn’t updated their Oracle WebLogic servers to protect them against a recently disclosed RCE flaw, researchers have a dire warning: “Assume it has been compromised.” Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications. The console component of the WebLogic Server has a flaw, CVE-2020-14882, ...
- REvil ransomware gang claims over $100 million profit in a year
October 29, 2020
REvil ransomware developers say that they made more than $100 million in one year by extorting large businesses across the world from various sectors. They are driven by profit and want to make $2 billion from their ransomware service, adopting the most lucrative trends in their pursuit of wealth. Read more… Source: Bleeping Computer
- Hacker releases Georgia county’s election-related files
October 29, 2020
Hackers on Tuesday released a sample of stolen election-related documents from networks in Hall County, Ga., as part of their efforts to pressure county officials into paying a ransom for control of the files. The Wall Street Journal reported that the batch of files, which were largely administrative and nonsensitive in nature, came as part of ...