InfoSecBulletin Cybersecurity for mankind
Research is regularly published about Asian APT groups targeting organizations from different industries. These campaigns and incidents don’t only happen in one region.
Research like this usually includes detailed information about the tools used by APT actors, the vulnerabilities they exploit, and sometimes even specific attribution. Despite the abundance of these reports, companies often lack preparation to fend off such attackers.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
ALSO READ:
Exploring engagement of political parties on Facebook in Bangladesh
Cybersecurity professionals need advanced tools and techniques to combat threats. Along with expertise and experience, they also require infrastructure, asset management, vulnerability management, network segmentation, audits, and data security tools. Unprepared infrastructure is often the main reason Asian APT groups can carry out successful attacks.
Securlist report on Asian APT groups reveals their valuable intelligence. These groups attack many countries and industries. Our analysis of hundreds of attacks shows a common pattern and limited techniques used in various stages of the Cyber Kill Chain. Unfortunately, security teams struggle to detect these attacks in their own infrastructure.
Intended audience of this report:
The report provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups. This report will be the most helpful to the following:
SOC analysts
Cyber Threat Intelligence analysts
Threat Hunting experts
Digital Forensics (DFIR) experts
Cybersecurity experts
Domain administrators
C-Level executives responsible for cybersecurity at their companies
This material is a knowledge library about the main approaches used by Asian APT groups for hacking infrastructure. The report contains detailed information about the attackers’ tactics, techniques, and procedures (TTPs) based on the MITRE ATT&CK methodology.
