APT

Pierluigi Paganini March 18, 2017
Symantec blames North Korean Lazarus APT group for recent attacks on banks

Further investigation on the attacks against Polish banks allowed Symantec to determine that North Korean Lazarus APT group was behind recent attacks on banks. According to malware researchers at Symantec, the North Korean APT group Lazarus was likely behind a recent string of cyber attacks against organizations in 31 countries. According to Symantec, the Lazarus […]

Pierluigi Paganini March 17, 2017
New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie

New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie who shared a lot of interesting details about the attack vectors and reverse techniques. Our travel along the great analysis of a fresh, new insidious APT China campaign. An ordinary case of phishing? At the beginning, it seemed […]

Pierluigi Paganini March 17, 2017
Who is spying on communications in the Washington area? A rogue state is suspected of mass surveillance

US authorities uncovered a surveillance activity allegedly powered by a rogue entity that is tracking phones of Government officials and foreign diplomats. Something very strange has happened in the Washington, D.C., region, experts noticed an unusual amount of highly suspicious cellphone activity. The fear is that a rogue actor is attempting to spy on communications of numerous individuals, […]

Pierluigi Paganini March 08, 2017
Wikileaks Vault7: CIA Umbrage team, the factory of false flag ops

Wikileaks Vault7 data leak –  the Umbrage team was tasked by the Central Intelligence Agency for false flag hacking operations. WikiLeaks has obtained thousands of files allegedly originating from a CIA high-security network that details CIA hacking tools and capabilities.Digging in the huge trove of files, it is possible to find information about the ability of the […]

Pierluigi Paganini March 07, 2017
WikiLeaks releases documents detailing CIA hacking tools and capabilities

WikiLeaks has obtained thousands of files allegedly originating from a CIA high-security network that details CIA hacking tools and capabilities WikiLeaks announced on Tuesday that it has obtained thousands of files allegedly originating from a high-security network of the U.S. Central Intelligence Agency (CIA). The huge trove of data, called “Vault 7,” exposed the hacking […]

Pierluigi Paganini March 07, 2017
Kaspersky Lab discovered a new sophisticated Shamoon-Linked malware dubbed StoneDrill

The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten. Researchers at Kaspersky Lab have discovered further information about the dreaded Shamoon 2 malware. The experts spotted a new sophisticated strain of malware dubbed StoneDrill that is linked to Shamoon 2 and Charming Kitten (aka Newscaster and […]

Pierluigi Paganini February 28, 2017
The Gamaredon Group is back with new weapons in its arsenal

The Russian state-actor dubbed Gamaredon is back and has been using a custom-developed malware in a new cyber espionage campaign. According to the experts from Palo Alto Networks, a Russian state-actor dubbed Gamaredon has been using a custom-developed malware in cyber espionage campaign on the Ukrainian government, military and law enforcement officials. The Gamaredon APT was first spotted in […]

Pierluigi Paganini February 26, 2017
Shamoon 2 malware, ASERT has shed light on the C2 and the infection process

The analysis conducted by Arbor Networks on the Shamoon 2 malware has shed light on the control infrastructure and the infection process. Security researchers from Arbor Networks’ Security Engineering and Response Team (ASERT) have conducted a new analysis of the Shamoon 2 malware discovering further details on the tools and techniques used by the threat […]

Pierluigi Paganini February 24, 2017
South Korea targeted by a cyber espionage campaign, experts blame Norks

South Korea is once against under attack, alleged nation-state hackers have launched a sophisticated cyber espionage campaign on organizations in the public sector. According to the experts at Cisco Talos, the cyber espionage campaign was active between November 2016 and January 2017 and leveraged on vulnerabilities in a Korean language word processing program (Hangul Word […]

Pierluigi Paganini February 21, 2017
Operation BugDrop – Hackers siphoned 600GB taking control of PC microphones

Security firm CyberX uncovered the Operation Bugdrop, a cyber espionage campaign that mostly targeted Ukrainian organizations. Researchers at Security firm CyberX have discovered a cyber espionage campaign that siphoned more than 600 gigabytes from about 70 targets in several industries, including critical infrastructure and news media. The list of targets includes: A company that designs […]