APT

Pierluigi Paganini January 11, 2017
Thousands of unpatched Magento shops hacked in the last two years

According to the BSI more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. According to the Germany’s Federal Office for Information Security, more than 6,000 online stores running eBay’s Magento platform have been hacked across the last two years. Crooks targeted the e-commerce platform in order to steal credit […]

Pierluigi Paganini January 11, 2017
ShadowBrokers offers for sale the stolen NSA Windows Hacking Tools

The ShadowBrokers is the hacker crew stolen the arsenal of the NSA-Linked Equation Group is offering for sale the stolen NSA Windows Hacking Tools. The ShadowBrokers is the hacker crew that leaked a portion of the arsenal of the NSA-Linked Equation Group, a precious archive containing hacking tools and exploits. At the end of October,  the hackers leaked a fresh […]

Pierluigi Paganini January 10, 2017
The Los Angeles Community College District paid a $28,000 ransom to decrypt its files

The Los Angeles Community College District has paid a US$28,000 ransomware after crooks compromised its network. Fortunately, the school retrieved data. A Los Angeles school has paid a US$28,000 ransomware after crooks compromised its network. Cyber criminals encrypted computer services, including email systems, at the Los Angeles Community College District. The ransomware used in the attack encrypted […]

Pierluigi Paganini January 09, 2017
French Minister Le Drian on cyber espionage: France is not immune, ready to hack back

Defense Minister Le Drian comments expressed concerns about cyber attacks against defense systems and warns of hacking campaigns on the upcoming elections. According to the Defence Minister Jean-Yves Le Drian France defense was targeted by thousands of attacks in 2016. France thwarted more than 24,000 cyber attacks against Defence systems last year. The Minister confirmed that thousands […]

Pierluigi Paganini January 08, 2017
Iranian Group OilRig is back and delivers digitally signed malware

ClearSky Security discovered a new campaign conducted by the Iranian OilRig APT leveraging digitally signed malware and fake University of Oxford domains. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015. Researchers at Palo Alto Networks have been monitoring the group for some time and have reported attacks launched against government agencies, financial institutions and technology companies in Saudi Arabia, Israel, the United Arab Emirates, Lebanon, Kuwait and Qatar, the United States, […]

Pierluigi Paganini January 07, 2017
China-Linked DragonOK APT Group continues updating tools and tactics

The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the first time the cyber espionage activities of a Chinese state-sponsored group dubbed DragonOK. At the time, FireEye discovered two hacking campaigns conducted by distinct groups operating in separate regions […]

Pierluigi Paganini January 07, 2017
President Putin ordered cyber attacks and propaganda to influence US Election

Putin ordered cyber attacks and propaganda to influence Election. Reading the “Assessing Russian Activities and Intentions in Recent US Elections” Report. The US Office of the Director of National Intelligence (ODNI) has released an unclassified version of intel community’s findings on activities conducted by the Russian Government in the attempt to influence the 2016 US Presidential […]

Pierluigi Paganini January 06, 2017
MM Core APT malware is back, Forcepoint has detected 2 new versions

Forcepoint has detected two new versions of an advanced persistent threat (APT) malware dubbed MM Core APT and first discovered in 2013. The APT MM Core malware has been in the wild since April 2013 when it was spotted for the first time by experts at FireEye. The malware researchers dubbed the first release of the […]

Pierluigi Paganini January 05, 2017
FireCrypt comes as a malware building kit and includes DDoS code

Recently experts from MalwareHunterTeam discovered FireCrypt ransomware, a threat that comes as a malware building kit and includes DDoS code. Ransomware has become one of the fastest growing threats, new malware implements sophisticated features to avoid detection and rapidly spread among the greatest number of machines. Recently experts from MalwareHunterTeam discovered a new strain of ransomware dubbed FireCrypt, […]

Pierluigi Paganini December 31, 2016
FBI-DHS JAR report links Russian hackers to Presidential Election hacks

A FBI-DHS JAR report released implicated Russian hacking group APT28 and APT29 in attacks against 2016 Presidential Election. The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) published on Thursday a Joint Analysis Report(JAR) that provides information about the tools, infrastructure and TTPs used by the Russian civilian and military intelligence […]