Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- Spam and phishing in Q1 2020
May 26, 2020
Burning Man is one of the most eagerly awaited events among fans of spectacular performance and installation art. The main obstacle to attending is the price of admission: a standard ticket will set you back $475, the number is limited, and the buying process is a challenge all by itself (there are several stages, registration ...
- Forward-looking security analysis of smart factories [Part 2] Security risks of industrial application stores
May 26, 2020
On May 11, 2020, Trend Micro released a paper showing the results of proof-of-concept research on new security risks associated with smart factories. In this series of 5 columns, based on the results of this research, we will look at the security risks to be aware of when promoting smart factories by examining overlooked attack ...
- Factory Security Problems from an IT Perspective (Part 2): People, processes, and technology
May 26, 2020
This article is the second in a series that discusses the challenges that IT departments face when they are assigned the task of overseeing cybersecurity in factories and implementing measures to overcome these challenges. Before beginning to consider countermeasures, in the first article we explained the source of the challenges while focusing on the differences ...
- Turla APT Revamps One of Its Go-To Spy Tools
May 26, 2020
The Turla APT group has been spotted using an updated version of the ComRAT remote-access trojan (RAT) to attack governmental targets. Turla (a.k.a. Snake, Venomous Bear, Waterbug or Uroboros), is a Russian-speaking threat actor known since 2014, but with roots that go back to 2004 and earlier, according to previous research from Kaspersky. “It is a ...
- Europol, Capgemini team up in cybercrime prevention, awareness campaigns
May 26, 2020
Europol and Capgemini have agreed to pool their resources in new cybersecurity awareness campaigns and the expansion of existing collaboration on threat intelligence. On Tuesday, Europol’s European Cybercrime Centre (EC3) said a Memorandum of Understanding (MoU) has been signed with the consultancy giant that is expected to lead to new “joint exercises, capacity building, and prevention campaigns.” Europol and ...
- Qakbot Resurges, Spreads through VBS Files
May 25, 2020
Through managed detection and response (MDR), we found that a lot of threats come from inbound emails. These messages usually contain phishing links, malicious attachments, or instructions. However, in our daily investigation of email metadata, we often detect threats not just in inbound emails, but even in the users’ own sent items folder. This involves ...