all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Blackwood APT delivers malware by hijacking legitimate software update requests

Add to bookmarks
Jan. 25, 2024, 11:19 a.m. | Help Net Security

Help Net Security www.helpnetsecurity.com

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant. ESET mapped the evolution of NSPX30 back to an earlier ancestor – a simple backdoor they have named Project Wood. The oldest sample found … More →


The post …

adversary adversary-in-the-middle apt apt group backdoor china companies cyber espionage cyberespionage don't miss eset hijack hijacking implant japan malware mitm operations requests researchers software software update techniques uk united united kingdom update

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 23 hours ago | www.helpnetsecurity.com
accounts australia authentication bitwarden +24
LSA Whisperer: Open-source tools for interacting with authentication packages 2 days ago | www.helpnetsecurity.com
authentication azuread cybersecurity github +16
What AI can tell organizations about their M&A risk 2 days ago | www.helpnetsecurity.com
acquisition adoption ai adoption amp +19
Breaking down the numbers: Cybersecurity funding activity recap 2 days, 1 hour ago | www.helpnetsecurity.com
10 million aim aim security alethea +55
New infosec products of the week: April 26, 2024 2 days, 1 hour ago | www.helpnetsecurity.com
april capabilities cyber cyberint +21
Net neutrality has been restored 2 days, 10 hours ago | www.helpnetsecurity.com
actions broadband communications consumers +24
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 15 hours ago | www.helpnetsecurity.com
acronis aim and response cloud +22
Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 15 hours ago | www.helpnetsecurity.com
apis browser client client-side +26
IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 16 hours ago | www.helpnetsecurity.com
agreement capabilities cash cloud +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Application Security Engineer - Enterprise Engineering

@ Meta | Bellevue, WA | Seattle, WA | New York City | Fremont, CA
View on infosec-jobs.com

Security Engineer

@ Retool | San Francisco, CA
View on infosec-jobs.com

Senior Product Security Analyst

@ Boeing | USA - Seattle, WA
View on infosec-jobs.com

Junior Governance, Risk and Compliance (GRC) and Operations Support Analyst

@ McKenzie Intelligence Services | United Kingdom - Remote
View on infosec-jobs.com

GRC Integrity Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com
View more jobs