Saturday, April 25, 2026
Threats

ESET Exposes ‘BladedFeline’: Iran-Linked APT’s 8‑Year Covert Cyberespionage Campaign

A team of ESET cybersecurity researchers has unveiled the inner workings of “BladedFeline,” an advanced persistent threat (APT) group attributed to Iranian interests. Active since at least 2017, BladedFeline has quietly infiltrated networks of the Kurdistan Regional Government (KRG), Iraq’s government, and even a...

Hackers Use Stealth Syscalls to Bypass EDR and Event Tracing

Researchers recently uncovered that attackers are deploying advanced techniques to evade even the most secure environments. The latest trend? Using stealthy, obfuscated system calls (syscalls) to bypass Endpoint Detection and Response (EDR) solutions and neutralize logging mechanisms like Event Tracing for Windows (ETW). How...

China Alleges Taiwan, Backed by the U.S., Is Behind Advanced Persistent Threat Operations

Chinese cybersecurity agencies, backed by leading research labs and security firms, have publicly accused Taiwan’s Information, Communications and Electronic Force Command (ICEFCOM), allegedly supported by the United States, of orchestrating a multi-year campaign of Advanced Persistent Threat (APT) attacks targeting critical infrastructure and sensitive...

Hackers Leverage Stealth Syscalls Technique to Bypass Event Tracing and EDR Systems

In a striking escalation of attack sophistication, advanced threat actors are now leveraging “stealth syscalls” to systematically evade Windows security monitoring tools including Event Tracing for Windows (ETW), Sysmon, and modern Endpoint Detection and Response (EDR) solutions. This new wave of malware employs multiple technical...

Iranian APT ‘BladedFeline’ Evades Detection for 8 Years Inside Targeted Networks

A previously little-known Iranian advanced persistent threat (APT) group dubbed “BladedFeline” has been quietly operating inside high-value Middle Eastern networks for at least eight years, leveraging a multi-tool arsenal to maintain persistent access and evade detection. Uncovered by ESET researchers in 2024 after discovering...

New ViperSoftX Variant Boosts Modularity, Stealth, and Persistence Capabilities

Threat intelligence teams began tracking an evolution in the PowerShell-based ViperSoftX malware family, which has rapidly gained notoriety across underground forums and threat-hunting communities. The latest samples uncovered in live campaigns and malware-sharing hubs demonstrate a decisive step forward in modularity, stealth, and persistence,...