#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

DNSpionage | Breaking Cybersecurity News | The Hacker News

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Jan 06, 2024 Cyber Espionage / Supply Chain Attack
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as  Sea Turtle . "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group used to collect politically motivated information such as personal information on minority groups and potential political dissents," Dutch security firm Hunt & Hackett  said  in a Friday analysis. "The stolen information is likely to be exploited for surveillance or intelligence gathering on specific groups and or individuals." Sea Turtle, also known by the names Cosmic Wolf, Marbled Dust (formerly Silicon), Teal Kurma, and UNC1326, was  first documented  by Cisco Talos in April 2019, detailing  state-sponsored attacks  targeting public and private entities in the Middle E
'Karkoff' Is the New 'DNSpionage' With Selective Targeting Strategy

'Karkoff' Is the New 'DNSpionage' With Selective Targeting Strategy

Apr 24, 2019
The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims' computers with DNSpionage —a custom remote administrative tool that uses HTTP and DNS communication to communicate with the attacker-controlled command and control server. According to a new report published by Cisco's Talos threat research team, the group has adopted some new tactics, techniques and procedures to improve the efficacy of their operations, making their cyber attacks more targeted, organised and sophisticated in nature. Unlike previous campaigns, attackers have now started performing reconnaissance on its victims before infecting them with a new piece of malware, dubbed Karkoff , allowing them to selectively choose which t
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

Feb 19, 2024Network Detection and Response
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of  Network Detection and Response (NDR)  and how it's become the most effective technology to detect cyber threats?  NDR massively upgrades your security through risk-based alerting, prioritizing alerts based on the potential risk to your organization's systems and data. How? Well, NDR's real-time analysis, machine learning, and threat intelligence provide immediate detection, reducing alert fatigue and enabling better decision-making. In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false positives and efficient threat response. Why Use Risk-Based Alerting? Risk-based alerting is an approach where security alerts and responses are prioritized based on the level of risk they pose to an organization's system
Cybersecurity Resources