APT

Pierluigi Paganini December 03, 2020
Hackers are targeting COVID-19 vaccine cold chain

IBM X-Force experts warned of threat actors actively targeting organizations associated with the COVID-19 vaccine cold chain. Researchers from IBM X-Force warned of threat actors actively targeting organizations associated with the COVID-19 vaccine cold chain. The experts uncovered a large scale spear-phishing campaign that has been ongoing since September 2020. Threat actors are impersonating a […]

Pierluigi Paganini December 02, 2020
Russia-linked APT Turla used a new malware toolset named Crutch

Russian-linked cyberespionage group Turla employed a new malware toolset, named Crutch, in targeted attacks aimed at high-profile targets. Russian-linked APT group Turla has used a previously undocumented malware toolset, named Crutch, in cyberespionage campaigns aimed at high-profile targets, including the Ministry of Foreign Affairs of a European Union country. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous Bear and KRYPTON) has been active […]

Pierluigi Paganini December 02, 2020
APT groups targets US Think Tanks, CISA, FBI warn

Cybersecurity and Infrastructure Security Agency (CISA) and FBI are warning of attacks carried out by threat actors against United States think tanks. APT groups continue to target United States think tanks, the Cyber Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warn. The work of US think tanks has a […]

Pierluigi Paganini December 01, 2020
Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Microsoft warns of Vietnam-linked Bismuth group that is deploying cryptocurrency miner while continues its cyberespionage campaigns Researchers from Microsoft reported that the Vietnam-linked Bismuth group, aka OceanLotus, Cobalt Kitty, or APT32, is deploying cryptocurrency miners while continues its cyberespionage campaigns. Cryptocurrency miners are typically associated with financially motivated attacks, but BISMUTH is attempting to take […]

Pierluigi Paganini November 29, 2020
Operators behind Dark Caracal are still alive and operational

The Dark Caracal APT group has carried out a series of attacks against multiple sectors using a new variant of a 13-year-old backdoor Trojan. The Dark Caracal cyberespionage group is back, researchers from Check Point uncovered a new series of attack against multiple industries. The Dark Caracal is an APT group associated with the Lebanese […]

Pierluigi Paganini November 27, 2020
North Korean hackers allegedly behind cyberattacks on AstraZeneca

The Reuters agency revealed in an exclusive that the COVID vaccine maker AstraZeneca was targeted by alleged North Korea-linked hackers. According to a report published by Reuters, suspected North Korea-linked hackers targeted AstraZeneca, one of the companies that are developing a COVID vaccine. The attack attempts took place in recent weeks, two people with knowledge […]

Pierluigi Paganini November 25, 2020
Group-IB Hi-Tech Crime Trends 2020/2021 report

Group-IB, a global threat hunting and intelligence company, has presented its annual Hi-Tech Crime Trends 2020/2021 report. In the report, the company examines key shifts in the cybercrime world internationally between H2 2019 and H1 2020 and gives forecasts for the coming year. The most severe financial damage has occurred as a result of ransomware activity. […]

Pierluigi Paganini November 18, 2020
China-linked APT10 leverages ZeroLogon exploits in recent attacks

Researchers uncovered a large-scale campaign conducted by China-linked APT10 targeting businesses using the recently-disclosed ZeroLogon vulnerability.  Symantec’s Threat Hunter Team, a Broadcom division, uncovered a global campaign conducted by a China-linked APT10 cyber-espionage group targeting businesses using the recently-disclosed ZeroLogon vulnerability.  The group, also known as Cicada, Stone Panda, and Cloud Hopper, has been active at […]

Pierluigi Paganini November 17, 2020
Chinese APT FunnyDream targets a South East Asian government

Researchers spotted a new China-linked APT, tracked as FunnyDream that already infected more than 200 systems across Southeast Asia. Security experts at BitDefender have uncovered a new China-linked cyber espionage group, tracked as FunnyDream that has already infected more than 200 systems across Southeast Asia over the past two years. According to Kaspersky Lab, FunnyDream […]

Pierluigi Paganini November 16, 2020
Lazarus malware delivered to South Korean users via supply chain attacks

North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates.  Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA) is behind cyber campaigns targeting South Korean supply chains. According to the experts the nation-state actors leverage stolen security certificates from two separate, legitimate South […]