Tropic Trooper (also known as KeyBoy and Pirate Panda) is an APT group active since 2011. This group has traditionally targeted sectors such as government, healthcare, transportation and high-tech industries in Taiwan, the Philippines and Hong Kong.
Kaspersky recent investigation has revealed that in 2024 they conducted persistent campaigns targeting a government entity in the Middle East, starting in June 2023. Sighting this group’s TTPs in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them. This can help the threat intelligence community better understand the motives of this threat actor.
Read more…
Source: Kaspersky
Related:
- Researchers warn SCADA systems are still hopelessly insecure
June 18, 2018
BSides Industrial control systems could be exposed not just to remote hackers, but to local attacks and physical manipulation as well. A presentation at last week’s BSides conference by researchers from INSINIA explained how a device planted on a factory floor can identify and list networks, and trigger controllers to stop processes or production lines. Read more… Source: The ...
- Chinese Hackers Carried Out Country-Level Watering Hole Attack
June 14, 2018
Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a ...
- Cyber security: Nation-state cyber attacks threaten everyone, warns ex-GCHQ boss
June 8, 2018
The dynamics of cyber warfare have changed so dramatically that nation-state attacks are now a problem everyone needs to face up to, the former head of the UK’s intelligence agency has warned. “Five years ago we were aware of nation-state attacks but we would’ve seen them as something that only a nation-state needs to worry about. Today they’re ...
- Researchers Warn of Microsoft Zero-Day RCE Bug
June 1, 2018
Researchers have discovered a medium-severity Windows vulnerability that enables remote attackers to execute arbitrary code – and Microsoft hasn’t issued a patch yet. The flaw, which was first discovered by Dmitri Kaslov of Telspace Systems, exists within the handling of error objects in JScript, according to a Tuesday advisory by Trend Micro’s Zero Day Initiative group. Read more… Source: ...
- Microsoft, Google: We’ve found a fourth variant of Meltdown-Spectre CPU holes
May 21, 2018
A fourth variant of the data-leaking Meltdown-Spectre security flaws in modern processors has been found by Microsoft and Google researchers. These speculative-execution design blunders can be potentially exploited by malicious software running on a vulnerable device or computer, or a miscreant logged into the system, to slowly extract secrets, such as passwords, from protected kernel or application memory, ...
- One Year After WannaCry: A Fundamentally Changed Threat Landscape
May 17, 2018
It’s been one year this week since the ransomware known as WannaCry infected more than 200,000 machines in 150 countries, causing billions of dollars in damages and grinding global business to a halt. The speed and scale of the attack – helped along by leaked National Security Agency hacking tools – was obviously notable, but ...