We’ve published the final post in our series assessing the Asia-Pacific threat landscape through GCA’s AIDE data, all leading up to CTO Leslie Daigle's keynote at #APNIC60 on Tuesday, September 8th.

This installment examines #DarkPink, a cyber-espionage campaign targeting government, defense, and education sectors across Southeast Asia and beyond.

Using data from #AIDE—our global honeypot network—we confirmed the campaign’s late-2022 surge, heavy reliance on cloud and ISP infrastructure, and credential-driven intrusions.

The findings highlight how attackers abuse legitimate services, exploit weak credentials, and leverage global infrastructure to extend their reach.

More broadly, they reinforce the need for collective action across network operators and the security community to reduce unwanted traffic and strengthen the Internet’s foundations.

💡 Read the final blog here:

https://globalcyberalliance.org/aide-data-darkpink/

#APNIC #APAC #AsiaPacific

Dark Pink APT Campaigns Through the Lens of AIDE Telemetry - GCA | Global Cyber Alliance | Working to Eradicate Cyber Risk

We explore Dark Pink, a cluster of cyber espionage activity targeting government, defense, and education organizations in APAC.

Happy Wednesday everyone! #DarkPink is at it again and Group-IB wastes no time in exposing their TTPs in Dark Pink. Episode 2! This is a thorough and well-detailed article by Andrey Polovinkin! Enjoy and Happy Hunting!

Link is in the comments!

***As usual I am going to leave one of the MITRE ATT&CK blank. I would like to see if any of you that see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!***

Notable TTPs:
TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link

TA0002 - Execution
T1059.001 - Command and Scripting Interpreter: PowerShell

TA0003 - Persistence
T1053.005 - Scheduled Task/Job: Scheduled Task

TA0004 - Privilege Escalation
T[There are a couple in this article. Can you name 1?]

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting

Dark Pink APT targets Govt entities in South Asia

Researchers reported that Dark Pink APT employed a malware dubbed KamiKakaBot against Southeast Asian targets. In February 2023, EclecticIQ researchers spotted multiple KamiKakaBot malware samples that were employed by the Dark Pink APT group (aka Saaiwc) in attacks against government entities in Southeast Asian countries. The activity of the group was first detailed by Group-IB […]

Security Affairs

Really nice write-up from the GroupIB team on an #APT they are calling #DarkPink (aka #SaaiwcGroup) targeting #APAC victims.

The lateral movement technique via WMI Filter/Consumer to USB is interesting.

#DFIR #ThreatIntel

https://blog.group-ib.com/dark-pink-apt

Dark Pink

New APT hitting Asia-Pacific, Europe that goes deeper and darker

Group-IB

A new advanced threat actor known as #DarkPink, also referred to as #Saaiwc Group, has been found to be targeting government agencies and military bodies in multiple countries in the #APAC region using custom malware to steal confidential information. #GroupIB #cybersecurity #APT https://andreafortuna.org/2023/01/11/new-dark-pink-apt-group-targets-governmental-and-military-organizations?utm_source=dlvr.it&utm_medium=mastodon

New Dark Pink APT group targets governmental and military organizations

Andrea Fortuna