APT

Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

The experts at Cybaze ZLab – Yoroi continue the analysis of a new strain of malware used by the Russia-linked APT29 cyberespionage…

7 years ago

Sofacy APT group used a new tool in latest attacks, the Cannon

Sofacy APT group (aka APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) has a new weapon in its arsenal dubbed Cannon. The Russia-linked APT group delivers Cannon in…

7 years ago

Experts analyzed how Iranian OilRIG hackers tested their weaponized documents

Security experts at Palo Alto Networks analyzed the method used by Iran-linked OilRig APT Group to test weaponized docs before use…

7 years ago

Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29

Malware researchers from Cybaze ZLab - Yoroi team have detected a new strain of malware that appears to be associated with…

7 years ago

Cybaze ZLab- Yoroi team spotted a new variant of the APT28 Lojax rootkit

Malware researchers at the Cybaze ZLab- Yoroi team spotted a new variant of the dangerous APT28 Lojax rootkit. A new…

7 years ago

Chinese TEMP.Periscope cyberespionage group was using TTPs associated with Russian APTs

Chinese TEMP.Periscope cyberespionage group targeted a UK-based engineering company using TTPs associated with Russia-linked APT groups. Attribution of cyber attacks…

7 years ago

Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks

Kaspersky revealed that the CVE-2018-8589 Windows 0-day fixed by Microsoft's Nov. 2018 Patch Tuesday has been exploited by at least one APT group…

7 years ago

Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers

Security firm Cylance has uncovered a sophisticated state-sponsored campaign, tracked as Operation Shaheen, against the Pakistan Air Force. According to…

7 years ago

CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild

Experts at Volexity discovered that a recently patched remote code execution flaw (CVE-2018-15961) affecting Adobe ColdFusion has been exploited in the…

7 years ago

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

North Korea-linked Lazarus Group has been using the FastCash Trojan to compromise AIX servers to empty tens of millions of dollars…

7 years ago