APT

Pierluigi Paganini February 28, 2017
The Gamaredon Group is back with new weapons in its arsenal

The Russian state-actor dubbed Gamaredon is back and has been using a custom-developed malware in a new cyber espionage campaign. According to the experts from Palo Alto Networks, a Russian state-actor dubbed Gamaredon has been using a custom-developed malware in cyber espionage campaign on the Ukrainian government, military and law enforcement officials. The Gamaredon APT was first spotted in […]

Pierluigi Paganini February 26, 2017
Shamoon 2 malware, ASERT has shed light on the C2 and the infection process

The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process. Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware discovering further details on the tools and techniques used by the threat […]

Pierluigi Paganini February 24, 2017
South Korea targeted by a cyber espionage campaign, experts blame Norks

South Korea is once against under attack, alleged nation-state hackers have launched a sophisticated cyber espionage campaign on organizations in the public sector. According to the experts at Cisco Talos, the cyber espionage campaign was active between November 2016 and January 2017 and leveraged on vulnerabilities in a Korean language word processing program (Hangul Word […]

Pierluigi Paganini February 21, 2017
Operation BugDrop – Hackers siphoned 600GB taking control of PC microphones

Security firm CyberX uncovered the Operation Bugdrop, a cyber espionage campaign that mostly targeted Ukrainian organizations. Researchers at Security firm CyberX have discovered a cyber espionage campaign that siphoned more than 600 gigabytes from about 70 targets in several industries, including critical infrastructure and news media. The list of targets includes: A company that designs […]

Pierluigi Paganini February 17, 2017
The ViperRAT APT group is targeting the Israeli Defense Force

A group of hackers tracked as ViperRAT is spying on the Israeli military by hacking into the soldiers’ personal Android mobile devices. A group of hackers, tracked as ViperRAT, is spying on the Israeli military by hacking into the soldiers’ personal Android mobile devices to track their activities and steal sensitive data. Experts from security firms […]

Pierluigi Paganini February 16, 2017
Iranian hackers behind the Magic Hound campaign linked to Shamoon

Security researchers discovered cyber espionage operation dubbed  Magic Hound campaign that is linked to Iran and the recent Shamoon 2 attacks. Security experts at Palo Alto Networks have discovered a new cyber espionage campaign linked to Iran that targeted several organizations in the Middle East. The espionage campaign dubbed Magic Hound, dates back at least mid-2016. […]

Pierluigi Paganini February 16, 2017
Google was aware of Russian APT28 group years before others

Lorenzo Bicchierai from MotherBoard shared an interesting private report about Russian cyber espionage operations conducted by APT28, the document was leaked online by Google. The report dating 2014 includes information collected by Google on the hacking activities conducted by its hackers. In October 2014, the security experts at FireEye linked cyber attacks against a number of […]

Pierluigi Paganini February 16, 2017
IBM shares details on the attack chain for the Shamoon malware

Security experts at IBM published a report that includes precious details on the attack chain of the dreader Shamoon cyberweapon. The dreaded Shamoon malware, aka Disttrack, has resurrected and government agencies and threat intelligence firms are investigating the recent strings of attacks leveraging the dangerous disk wiper. We detected the Shamoon malware for the first time in August 15th, […]

Pierluigi Paganini February 15, 2017
Russian hacker Rasputin breaches over 60 Universities and Government Agencies

The Russian-speaking black hat hacker Rasputin, hacked systems of more than 60 universities and U.S. government agencies. According to the threat intelligence firm Recorded Future, a Russian-speaking black hat hacker, known as ‘Rasputin‘, hacked systems of more than 60 universities and U.S. Government agencies. We met Rasputin in December 2016, when he was offering for sale stolen login […]

Pierluigi Paganini February 15, 2017
BitDefender found the first MAC OS version of the X-Agent used by the APT28

Security experts at Bitdefender discovered a MAC OS version of the X-Agent malware used by the Russian APT28 cyberespionage group. Security experts at BitDefender have discovered a MAC OS malware program that’s likely part of the arsenal of the dreaded Russian APT 28 group (aka Pawn Storm, Sednit, Sofacy, Fancy Bear and Tsar Team). The Russian nation-state actor was involved […]