APT Archives - Page 89 of 115

Pierluigi Paganini January 17, 2019

South Korea: hackers compromised Defense Acquisition Program Administration PCs

South Korea – Allegedstate-sponsored hackers compromised 10 PCs at ministry’s Defense Acquisition Program Administration. Unknown hackers compromised 10 PCs at ministry’s Defense Acquisition Program Administration which is the office that manages the military procurement. The news was confirmed by the South Korea Ministry of National Defense. “It has been turned out that 30 computers installed […]

Pierluigi Paganini January 16, 2019

GreyEnergy: Welcome to 2019

Early January, an interesting malware sample has been disclosed through the InfoSec community: a potential GreyEnergy implant still under investigation. This kind of threat, previously analyzed by third party firms, contains similarities with the infamous BlackEnergy malware, used in the attacks against the Ukrainian energy industry back in 2015. The Cybaze-Yoroi ZLAB researchers dissected this […]

Pierluigi Paganini January 10, 2019

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. Security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According […]

Pierluigi Paganini December 21, 2018

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

The US Department of Justice charged two Chinese hackers for hacking numerous companies and government agencies in a dozen countries, US Indicts Two Chinese Government Hackers Over Global Hacking Campaign. including Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States. The two Chinese hackers, […]

Pierluigi Paganini December 19, 2018

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Researchers at Palo Alto Networks discovered that the Russian-linked Sofacy APT has written a new version of their Zebrocy backdoor using the Go programming language. The Sofacy APT group has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of […]

Pierluigi Paganini December 14, 2018

New Sofacy campaign aims at Government agencies across the world

Security experts at Palo Alto Networks uncovered a new espionage campaign carried out by Russia-Linked APT group Sofacy. Russian Cyber espionage group Sofacy (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium)) carried out a new cyber campaign aimed at government agencies in four continents in an attempt to infect them with malware. The campaign has been focusing on Ukraine and NATO […]

Pierluigi Paganini December 13, 2018

Operation Sharpshooter targets critical infrastructure and global defense

McAfee uncovered a campaign tracked as Operation Sharpshooter that hit at least 87 organizations in global defense and critical infrastructure. Security experts at McAfee uncovered a hacking campaign, tracked as Operation Sharpshooter, aimed at infrastructure companies worldwide. The threat actors are using malware associated with Lazarus APT group that carried out Sony Pictures attack back in […]

Pierluigi Paganini December 11, 2018

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

‘ The Seedworm APT Group has targeted more than 130 victims in 30 organizations since September including NGOs, oil and gas, and telecom businesses. According to a new research conducted from Symantec’s DeepSight Managed Adversary and ThreatIntelligence (MATI) team, the Seedworm APT group, aka MuddyWater, is rapidly evolving and extended its targets to the telecom, IT […]

Pierluigi Paganini December 09, 2018

STOLEN PENCIL campaign, hackers target academic institutions.

STOLEN PENCIL campaign – North Korea-linked APT group has been targeting academic institutions since at least May of this year. North Korea-linked threat actors are targeting academic institutions with spear phishing attacks. The phishing messages include a link to a website where a decoy document that attempts to trick users into installing a malicious Google Chrome […]

Pierluigi Paganini December 07, 2018

Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

Malware researchers at Yoroi – Cybaze Z-Lab analyzed the MuddyWater Infection Chain observed in a last wave of cyber attacks. Introduction At the end of November, some Middle East countries have been targeted by a new wave of attacks related to the Iranian APT group known as “MuddyWater“: their first campaign was observed back in […]

APT

South Korea: hackers compromised Defense Acquisition Program Administration PCs

GreyEnergy: Welcome to 2019

Alleged Iran-linked APT groups behind global DNS Hijacking campaign

US DoJ indicts Chinese hackers over state-sponsored cyber espionage

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

New Sofacy campaign aims at Government agencies across the world

Operation Sharpshooter targets critical infrastructure and global defense

Seedworm APT Group targeted more than 130 victims in 30 organizations since Sept

STOLEN PENCIL campaign, hackers target academic institutions.

Experts at Yoroi – Cybaze Z-Lab analyzed MuddyWater Infection Chain

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Malicious AI-generated npm package hits Solana users

Meta Offers $1M bounty at Pwn2Own Ireland 2025 for WhatsApp exploits

ToolShell under siege: Check Point analyzes Chinese APT Storm-2603

CISA released Thorium platform to support malware and forensic analysis

Russia-linked APT Secret Blizzard targets foreign embassies in Moscow with ApolloShadow malware

QUICK LINKS

APT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!