The U.S. Department of Justice indicts a middle-aged doctor, accusing him of being a malware mastermind.
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise.
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets.
At least five APTs are believed to be involved with attacks tied to ground campaigns and designed to damage Ukraine’s digital infrastructure.
A campaign by APT37 used sophisticated malware, which appears to be a successor to Bluelight, to steal information about sources.
Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia.
The supply-chain attack on the U.S. energy sector targeted thousands of computers at hundreds of organizations, including at least one nuclear power plant.