APT

Pierluigi Paganini March 01, 2019
Only now we known that International Civil Aviation Organization (ICAO) was hacked in 2016

Canadian media revealed that in November 2016, the International Civil Aviation Organization (ICAO) was a hit by a large-scale cyberattack. The security breach was discovered by an analyst at Lockheed Martin that immediately informed the organization. The expert discovered that hackers took control of two of its servers to carry out a so-called watering hole […]

Pierluigi Paganini February 20, 2019
Microsoft says Russian APT28 espionage group hit Democratic Institutions in Europe

Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018.  Microsoft revealed that hackers belonging to the cyber espionage group APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) launched several attacks on democratic institutions in Europe between September and December 2018. The tech giant revealed that 104 accounts belonging […]

Pierluigi Paganini February 20, 2019
North Korea’s Lazarus APT targets Russian Entities

Security researchers at Check Point have uncovered a cyber espionage campaign conducted by Lazarus APT group aimed at Russian targets. Security experts at Check Point have uncovered a cyber espionage campaign carried out by Lazarus aimed at Russian targets, If the attribution is correct, this is the first time that North Korean cyber spies were […]

Pierluigi Paganini February 10, 2019
Security Affairs newsletter Round 200 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Can Enterprises execute a GRC Movement? Experts observed […]

Pierluigi Paganini February 03, 2019
Security Affairs newsletter Round 199 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Using steganography to obfuscate PDF exploits Aztarna – […]

Pierluigi Paganini January 30, 2019
Iran-Linked APT39 group use off-the-shelf tools to steal data

An Iran-linked cyber-espionage group tracked as APT39 is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools. The APT39 cyberespionage group is carrying out a widespread campaign using a broad range of custom and off-the-shelf tools. The group has been active at least since November 2014, its operations are aligned […]

Pierluigi Paganini January 30, 2019
Sofacy’s Zepakab Downloader Spotted In-The-Wild

In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign leveraging the Zepakab Downloader. In the last weeks, the Cybaze-Yoroi ZLAB investigated a new APT28 campaign discovered in January 2019. The sample has been initially identified by an Italian independent security researcher, who warned the InfoSec community and shared the binary for further […]

Pierluigi Paganini January 27, 2019
Security Affairs newsletter Round 198 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! Collection #1 Data Breach Analysis – Part 1 […]

Pierluigi Paganini January 24, 2019
Kaspersky links GreyEnergy and Zebrocy activities

Security experts from Kaspersky Lab’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) linked the GreyEnergy malware with and the Zebrocy backdoor. Security researchers from Kaspersky Lab’s ICS CERT have discovered a link between GreyEnergy malware with and the Zebrocy tool. The activity of the GreyEnergy APT group emerged in concurrence with BlackEnergy operations, experts consider […]

Pierluigi Paganini January 20, 2019
Security Affairs newsletter Round 197 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Let me inform you that my new book, “Digging in the Deep Web” is online with a special deal 20% discount Kindle Edition Paper Copy Once again thank you! TA505 Group adds new ServHelper Backdoor and FlawedGrace […]