According to researchers at IBM X-Force Incident Response and Intelligence Services (IRIS), the financially-motivated hacking group FIN6 is switching tactics, moving from PoS attacks to hacking e-commerce websites. The FIN6 group has been active since 2015, […]
A recently reported APT group dubbed Lyceum targets oil and gas organizations in the Middle East with simple techniques. The activity of the Lyceum APT group was first documented earlier in August by researchers at ICS security firm Dragos, which tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations […]
Security experts at FireEye observed the Chinese APT41 group targeting a web server at a U.S.-based research university. APT41 has been active since at least 2012; it was involved in both state-sponsored espionage campaigns and financially-motivated attacks […]
Experts from Group-IB, who exposed the most recent campaigns carried out by Silence, reported that the damage from the APT group's operations has increased fivefold. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has exposed the most recent campaigns carried out by Silence, a Russian-speaking APT group, in the new “Silence 2.0: Going Global” report. […]
The Cloud Atlas cyberespionage group, aka Inception, continues to carry out attacks against government organizations and was observed using a new piece of polymorphic malware dubbed VBShower. Cloud Atlas was first observed by researchers at Kaspersky Lab […]
Security researcher Marco Ramilli presents a comparative analysis of attack techniques adopted by the Iran-linked OilRig APT group. Today I’d like to share a comparative analysis of OilRig technique mutations over time. In particular, I will refer to great analyses made by Palo Alto Unit 42 plus my own ones (HERE, HERE, HERE, etc.) and more personal thoughts. I would define this group […]
Researchers at Microsoft observed the Russia-linked APT group STRONTIUM compromising common IoT devices to gain access to several corporate networks. The STRONTIUM APT group (aka APT28, Fancy Bear, Pawn Storm, Sofacy Group, and Sednit) has been active since at least 2007 and it has […]
Security experts from ESET uncovered a cyber-espionage group tracked as Machete that has stolen sensitive files from the Venezuelan military. The group has been active since 2010 and has hit military organizations and other high-profile targets worldwide. […]
Security experts at Proofpoint uncovered a phishing campaign targeting US companies in the utility sector, aimed at infecting systems with the new LookBack RAT. “Between July 19 and July 25, 2019, several spear-phishing […]
Security experts at Dragos Inc. have discovered a new threat actor, tracked as Hexane, that is targeting organizations in the oil and gas industry and telecommunication providers. The Hexane group has been active since at least the […]