Dark Reading

Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia

The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and ...

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

Progress has released patches for multiple remote code execution and OS command injection flaws in MOVEit WAF and LoadMaster.

Regular Password Resets Aren’t as Safe as You Think

Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk ...
WeLiveSecurity

GopherWhisper: A burrow full of malware

ESET Research has discovered a new China-aligned APT group that we’ve named GopherWhisper, which targets Mongolian ...

ESET Research discovers new China-aligned group, GopherWhisper: It abuses messaging services Discord, Slack, and Outlook to spy

ESET Research has uncovered a new China-aligned APT group, which has been named GopherWhisper, that targets governmental institutions in ...