Scattered Lapsus$ Hunters: Organizations, be aware of the effort of this cybercriminal alliance as they target retail and hospitality for extortion. The post The Golden Scale: Bling Libra and the Evolving Extortion Economy appeared first on Unit 42.| Unit 42
Phantom Taurus is a previously undocumented Chinese threat group. Explore how this group's distinctive toolset lead to uncovering their existence. The post Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite appeared first on Unit 42.| Unit 42
We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft. The post Bookworm to Stately Taurus Using the Unit 42 Attribution Framework appeared first on Unit 42.| Unit 42
Recent activity targeting telecom infrastructure is assessed with high confidence to overlap with Liminal Panda activity. The actors used custom tools, tunneling and OPSEC tactics for stealth. Recent activity targeting telecom infrastructure is assessed with high confidence to overlap with Liminal Panda activity. The actors used custom tools, tunneling and OPSEC tactics for stealth.| Unit 42
CL-STA-1020 targets Southeast Asian governments using a novel Microsoft backdoor we call HazyBeacon. It misuses AWS Lambda URLs for C2. CL-STA-1020 targets Southeast Asian governments using a novel Microsoft backdoor we call HazyBeacon. It misuses AWS Lambda URLs for C2.| Unit 42
