APT

Pierluigi Paganini April 04, 2017
Joining the dots between the ancient Moonlight Maze espionage campaigns and the Turla APT

Experts at Kaspersky presented the findings of its research that definitively connect the Moonlight Maze cyber espionage campaigns to the Turla APT group. One year ago, the researcher Thomas Rid at the Security Analyst Summit disclosed the alleged links between the Moonlight Maze cyber espionage operation of mid 1990s and the Turla APT. Today at […]

Pierluigi Paganini March 31, 2017
Turla hacking group continues to improve its Carbon backdoor

The Russian group Turla has continued to improve its Carbon backdoor, experts from ESET detected new versions released on a regular basis. The Russian APT group known as Turla (also known as Waterbug, KRYPTON and Venomous Bear) has continued to improve its Carbon backdoor, experts from ESET detected new versions released on a regular basis. Carbon is a […]

Pierluigi Paganini March 28, 2017
APT29 group used domain fronting to evade detection long before these techniques were widely known

Experts at FireEye discovered the APT29 group adopted domain fronting long before these techniques were widely known in the IT security community. Security firm FireEye continues to follow APT29 group (aka The Dukes, Cozy Bear and Cozy Duke), on Monday it revealed that the cyber spies have been using a technique called “domain fronting” to make hard […]

Pierluigi Paganini March 24, 2017
US blames North Korea for the $81 million Bangladesh cyber heist

US federal prosecutors speculate the involvement of North Korea in the cyber heist of $81 million from Bangladesh’s account at the New York Federal Reserve Bank. The news was reported by The Wall Street Journal, prosecutors suspect the involvement of Chinese middlemen who helped the Government of Pyongyang to organize the cyber theft. In February 2016, unknown hackers transferred […]

Pierluigi Paganini March 23, 2017
Machete espionage campaign continues to target LATAM countries

The threat group behind the Machete cyber espionage campaign first spotted in 2014 continues to target entities in Spanish-speaking countries. According to the researchers at security firm Cylance Threat actors behind the cyber espionage campaign dubbed Machete continue to target entities in Spanish-speaking countries. The Machete campaign was first uncovered by the researchers at Kaspersky in August 2014 and […]

Pierluigi Paganini March 21, 2017
Exclusive: Dirty Political Spying Attempt behind the FHAPPI Campaign: all the details in the interview with @unixfreaxjp

The role of China (PRC) in the worldwide cyber espionage game of conditioning political life: when reserved information are brandished against the political opponent. In the days of testimony of U.S. Federal investigators about the role played during the last year by Russians, their alleged cyber operation is once again under examination. The mainstream media […]

Pierluigi Paganini March 19, 2017
Arbor Networks linked a new Acronym Malware to the Potao Express campaign

Security experts at Arbor Networks linked a new Acronym malware to the malicious code used by threat actors behind the Operation Potao Express. Security experts at Arbor Networks have spotted a new strain of malware that could be linked to the malicious code used by threat actors behind the Operation Potao Express. The researchers started […]

Pierluigi Paganini March 18, 2017
Symantec blames North Korean Lazarus APT group for recent attacks on banks

Further investigation on the attacks against Polish banks allowed Symantec to determine that North Korean Lazarus APT group was behind recent attacks on banks. According to malware researchers at Symantec, the North Korean APT group Lazarus was likely behind a recent string of cyber attacks against organizations in 31 countries. According to Symantec, the Lazarus […]

Pierluigi Paganini March 17, 2017
New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie

New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie who shared a lot of interesting details about the attack vectors and reverse techniques. Our travel along the great analysis of a fresh, new insidious APT China campaign. An ordinary case of phishing? At the beginning, it seemed […]

Pierluigi Paganini March 17, 2017
Who is spying on communications in the Washington area? A rogue state is suspected of mass surveillance

US authorities uncovered a surveillance activity allegedly powered by a rogue entity that is tracking phones of Government officials and foreign diplomats. Something very strange has happened in the Washington, D.C., region, experts noticed an unusual amount of highly suspicious cellphone activity. The fear is that a rogue actor is attempting to spy on communications of numerous individuals, […]