Toggle navigation
TWText.com
TWText.com
faq
Contact US
Follow US
#APT32
Christopher Glyer
cglyer
We've all received emails with no attachment and assume it's "safe" to open in a mail client (as long as we don't explicitly click on any URLs). Right?Not so much...
Read more
hakan
hatr
Here is the english version of our investigation on #APT32/#OceanLotus, a group that is relentlessly targeting civil society. We're telling the stories of the people affected, of threat intel analysts
Read more
hakan
hatr
NEW:#APT32/#OceanLotus is targeting dissidents, human rights workers and journalists across In a joint investigation with @zeitonline, we retraced their steps, did tons of technical work, spoke w/ affected people
Read more
James Pearson
pearswick
Now this is impressive: Days before the first coronavirus infections were detected outside China, Vietnamese state-backed actors were hacking into China's Ministry of Emergency Management and the government of Wuhan,
Read more
Christopher Glyer
cglyer
“FireEye said APT32 targeted a small group of people with emails that included tracking links to notify the hackers when they were opened.”Email tracking pixels - FTW!https://twitter.com/jc_stubbs/status/1252903231061180417 If you aren’t
Read more
hakan
hatr
I was alerted to this ESET paper (https://www.welivesecurity.com/wp-content/uploads/2018/03/ESET_OceanLotus.pdf) On page 15 (see screenshot) you can see that #OceanLotus uses DNS-based requests and encodes the name of the computer right the
Read more