The Russian-speaking hack group Winter Vivern (aka TA473 in the Proofpoint classification) has been actively exploiting a vulnerability in Zimbra and has been stealing letters from NATO officials, governments, military personnel and diplomats since February 2023. Let me remind you that we also wrote that the FBI and NSA release a statement about attacks by… Continue reading Russian-Speaking Hack Group Winter Vivern Attacks Governments in Europe and Asia
Tag: SentinelOne
Chinese Hacker Group Revealed after a Decade of Undetected Espionage
The New Chinese Spying Threat Actor Identified SentinelLabs, an American cybersecurity company, has reported about a Chinese hacking group Aoqin Dragon, which has managed to conduct successful spying activities against companies in Australia and South Asia for about ten years without being tracked. Different cybersecurity companies partially encountered the group’s actions in the past, but… Continue reading Chinese Hacker Group Revealed after a Decade of Undetected Espionage
Researchers found a vulnerability that affects millions of HP, Xerox and Samsung printers
In February of this year, SentinelOne experts found a 16-year-old vulnerability in the driver of HP, Xerox and Samsung printers. The problem allows attackers to gain administrator rights on systems that use vulnerable software. The vulnerability received the identifier CVE-2021-3438 and has been present in the driver code since 2005, that is, it poses a… Continue reading Researchers found a vulnerability that affects millions of HP, Xerox and Samsung printers
Sarwent malware opens RDP ports on infected machines
SentinelOne experts noticed that the new version of the Sarwent malware opens the RDP ports on infected computers. Researchers believe that this is due to the fact that maware operators can sell access to infected hosts to other criminal groups. Sarwent is a not-so-famous backdoor trojan, active since 2018. Previous versions of malware had a… Continue reading Sarwent malware opens RDP ports on infected machines