Particle Data Platform
CyberWire Daily

This Sparrow doesn't migrate. [Research Saturday]

6/13/202623 min

Martin Zugec, Technical Solutions Director at Bitdefender, discussing their work on "FamousSparrow APT Targets Azerbaijani Oil and Gas Industry." Bitdefender researchers uncovered a sustained cyber espionage campaign by the China-linked FamousSparrow group targeting an Azerbaijani oil and gas company, highlighting the growing focus on critical energy infrastructure in the South Caucasus. The attackers repeatedly exploited the same vulnerable Microsoft Exchange server over multiple months, deploying evolving versions of Deed RAT and Terndoor malware through sophisticated DLL sideloading techniques designed to evade detection and maintain persistence. The operation underscores FamousSparrow's adaptability and persistence, demonstrating how advanced threat actors continually refine their tooling and return to compromised environments until vulnerabilities are fully remediated and access is cut off. The research and executive brief can be found here: FamousSparrow APT Targets Azerbaijani Oil and Gas Industry Learn more about your ad choices. Visit megaphone.fm/adchoices

Clips

Sandbox-Dodging Malware Trick
Patch Within 24 Hours
APT Knowledge Sharing
Espionage Over Energy Deals
Three Waves, Same Door

Transcript preview

First 90 seconds

  1. Speaker 10:00

    [intro music] You're listening to the CyberWire Network, powered by N2K.

  2. Dave Bittner· Host0:05

    [outro music] When it comes to mobile application security, good enough is a risk. A recent survey shows that 72% of organizations reported at least one mobile application security incident last year, and 92% of responders reported threat levels have increased in the past two years. GuardSquare delivers the highest level of security for your mobile apps without compromising performance, time to market, or user experience. Discover how GuardSquare provides industry-leading security for your Android and iOS apps at www.guardsquare.com. Hello, everyone, and welcome to the CyberWire's Research Saturday. I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities, solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace. Thanks for joining us.

  3. Martin Zuzek· Guest1:17

    As Russia is focusing more and more on Europe and the Ukraine, of course, we are seeing

We value your privacy

We use cookies to understand how you use our platform and to improve your experience. Click "Accept All" to consent, or "Decline non-essential" to opt out of non-essential cookies. Read our Privacy Policy.