APT Archives - Page 89 of 114

Pierluigi Paganini December 11, 2018

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

‘ The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas, and telecom businesses. According to a new research conducted from Symantec’s DeepSight Managed Adversary and ThreatIntelligence (MATI) team, the Seedworm APT group, aka MuddyWater, is rapidly evolving and extended its targets to the telecom, IT […]

Pierluigi Paganini December 09, 2018

STOLEN PENCIL campaign, hackers target academic institutions.

STOLEN PENCIL campaign – North Korea-linked APT group has been targeting academic institutions since at least May of this year. North Korea-linked threat actors are targeting academic institutions with spear phishing attacks. The phishing messages include a link to a website where a decoy document that attempts to trick users into installing a malicious Google Chrome […]

Pierluigi Paganini December 07, 2018

Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

Malware researchers at Yoroi – Cybaze Z-Lab analyzed the MuddyWater Infection Chain observed in a last wave of cyber attacks. Introduction At the end of November, some Middle East countries have been targeted by a new wave of attacks related to the Iranian APT group known as “MuddyWater“: their first campaign was observed back in […]

Pierluigi Paganini December 04, 2018

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

Russia-linked cyber-espionage group Sofacy, (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) use BREXIT lures in recent attacks. The APT group used Brexit-themed bait documents on the same day the UK Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU). “As the United Kingdom (UK) Prime Minister Theresa May announced the initial BREXIT draft agreement […]

Pierluigi Paganini November 30, 2018

New PowerShell-based Backdoor points to MuddyWater

Security researchers at Trend Micro recently discovered PowerShell-based backdoor that resembles a malware used by MuddyWater threat actor. Malware researchers at Trend Micro have discovered a Powershell-based backdoor that is very similar to a malware used by MuddyWater APT group. The first MuddyWater campaign was observed in late 2017, then researchers from Palo Alto Networks were investigating a mysterious wave […]

Pierluigi Paganini November 24, 2018

North Korea-linked group Lazarus targets Latin American banks

According to security reearchers at Trend Micro, the North Korea-linked APT group Lazarus recently targeted banks in Latin America. The North Korea-linked APT group Lazarus recently targeted banks in Latin America, Trend Micro experts reported. The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts […]

Pierluigi Paganini November 23, 2018

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka Cozy Bear) The experts at Cybaze ZLab – Yoroi continue the analysis of new strain of malware used by the Russia-linked APT29 cyberespionage group (aka The Dukes, Cozy Bear, and Cozy Duke). The researchers of Yoroi ZLab, on […]

Pierluigi Paganini November 21, 2018

Sofacy APT group used a new tool in latest attacks, the Cannon

Sofacy APT group (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) has a new weapon in its arsenal dubbed Cannon. The Russia-linked APT group delivers Cannon in a spear-phishing attack that targets government organizations in North America, Europe and in a former USSR state. Experts at Palo Alto Networks spotted a new campaign in late October and early November, spear-phishing messages used Word […]

Pierluigi Paganini November 20, 2018

Experts analyzed how Iranian OilRIG hackers tested their weaponized documents

Security experts at Palo Alto Networks analyzed the method used by Iran-linked OilRig APT Group to test weaponized docs before use in attacks. Security researchers Palo Alto Networks have analyzed the techniques adopted by Iran-linked APT group OilRig (aka APT34) to test the weaponized documents before use in attacks. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015, since then it targeted mainly […]

Pierluigi Paganini November 19, 2018

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

Malware researchers from Cybaze ZLab – Yoroi team have detected a new strain of malware that appears to be associated with a new wave of attacks carries out by Russia linked APT29 group. The researchers of Yoroi ZLab, on 16 November, accessed to a new APT29’s dangerous malware which seems to be involved in the recent […]

APT

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

STOLEN PENCIL campaign, hackers target academic institutions.

Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

Russia-linked APT Sofacy leverages BREXIT lures in recent attacks

New PowerShell-based Backdoor points to MuddyWater

North Korea-linked group Lazarus targets Latin American banks

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

Sofacy APT group used a new tool in latest attacks, the Cannon

Experts analyzed how Iranian OilRIG hackers tested their weaponized documents

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Spain awarded €12.3 million in contracts to Huawei

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

Wing FTP Server flaw actively exploited shortly after technical details were made public

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53

Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION

QUICK LINKS

APT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!