Pierluigi Paganini
May 23, 2018
Security firm Talos along with other cybersecurity firms and law enforcement agencies have uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe the VPNFilter was developed by Russia and the associated malware appears to be very sophisticated, at the time they discovered more than 500,000 compromised devices across […]
Pierluigi Paganini
May 23, 2018
Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]
Pierluigi Paganini
May 22, 2018
A North Korea-linked APT group tracked as Sun Team has targeted North Korean deflectors with a malicious app that was published in the official Google Play store. A North Korea-linked APT group tracked as Sun Team has targeted North Korean deflectors with a malicious app that was published in the official Google Play store. The campaign, named RedDawn by security experts at […]
Pierluigi Paganini
May 11, 2018
Security experts from the industrial cybersecurity firm Dragos warn of a threat actor tracked as Allanite has been targeting business and industrial control networks at electric utilities in the United States and the United Kingdom. Dragos experts linked the campaigns conducted by the Dragonfly APT group and Dymalloy APT, aka Energetic Bear and Crouching Yeti, to a threat actors they […]
Pierluigi Paganini
May 10, 2018
Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability tracked as CVE-2018-8174. Now the experts published a detailed analysis of the flaw. I Overview Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability and captured the worldâs […]
Pierluigi Paganini
May 07, 2018
Security experts at 401TRG, the threat research and analysis team at ProtectWise, have discovered links between several Chinese APT groups under the Winnti umbrella. The experts analyzed several campaigns conducted by the cyber espionage groups over the last years and associated their activities with the Chinese Government, in one case the nation-state actor was working from the […]
Pierluigi Paganini
May 06, 2018
Security researchers from Kaspersky Lab have uncovered a new cyber-espionage APT group tracked ZooPark that targeted entities in the Middle East during the past three years. ZooPark APT has been active at least since 2015 and has shown a growing level of sophistication across the years. “ZooPark is a cyberespionage operation that has been focusing on Middle […]
Pierluigi Paganini
May 03, 2018
Recently, several LoJack agents were found to be connecting to servers that are believed to be controlled by the notorious Russia-linked Fancy Bear APT group. LoJack for laptops is a security software designed to catch computer thieves, but it could be theoretically abused to spy on legitimate owners of the device. LoJack could be used to locate […]
Pierluigi Paganini
April 30, 2018
The Thai authorities with the support of the ThaiCERT and security first McAfee have seized a server used by North Korean Hidden Cobra APT as part of the Op GhostSecret campaign. The Thai authorities with the support of the ThaiCERT have seized a server used by North Korean hackers in the attack against Sony Picture. […]
Pierluigi Paganini
April 24, 2018
Kaspersky analyzed the serves compromised by the Energetic Bear APT and assumed with some degree of certainty that the group operates in the interests of or takes orders from customers that are external to it. Security experts at Kaspersky Lab ICS CERT have published a detailed analysis of the server compromised by the notorious Energetic […]
