Kaspersky has uncovered a sophisticated attack targeting secure USB drives designed for sensitive environments.
A government entity in Southeast Asia developed the drives, which were compromised with malicious code injected into their access management software.
The malicious code was designed to steal confidential files and spread itself to other USB drives of the same type, acting as a USB worm. While this technique resembles attacks targeting UTetris USB management software last year, attributed to the TetrisPhantom group, the new malware is distinct.
Kaspersky’s Q3 APT report reveals a surge in advanced persistent threat (APT) activities, with various groups targeting diverse sectors and regions. Notable campaigns include P8, which has launched new attacks on Vietnamese financial institutions and manufacturing firms. Awaken Likho, a long-standing threat actor, has expanded its operations to numerous countries, recently adopting the MeshAgent remote administration tool.
The Scieron backdoor has been used in attacks on a government entity in Africa and a telecom provider in Central Asia. MuddyWater has intensified its operations in the Middle East and North Africa, utilising VBS/DLL-based implants. Tropic Trooper, historically focused on Taiwan, has shifted its attention to Egypt. ExCone has evolved, now employing JavaScript loaders to target Russian educational institutions. Finally, PassiveNeuron, a newly discovered threat actor, is targeting government entities in Latin America and East Asia with sophisticated, unknown malware.
To safeguard against these evolving threats, Kaspersky recommends organisations leverage up-to-date threat intelligence to stay informed about the latest tactics and techniques. Additionally, upskilling the security team to effectively respond to advanced attacks is crucial. Implementing robust security solutions is essential, as is educating employees about social engineering tactics to prevent initial infection.
Finally, keeping operating systems and software up to date to patch vulnerabilities is paramount. By adopting these measures, organisations can significantly enhance their cybersecurity posture and mitigate the risks posed by advanced threats.
avinash@gdnmedia.bh