APT

Pierluigi Paganini February 14, 2018
All You Need to Know About North Korea and its cyber army

What Type Of Technology Does North Korea Have? How Did The Country Begin Using Hackers? How Do Hacking Efforts Comply with the Political Situation? North Korea is not known for technological sophistication.  The country does not have any global technological franchises, such as Apple or Samsung, and its citizens continue to have limited access to […]

Pierluigi Paganini February 12, 2018
CSE CybSec ZLAB Malware Analysis Report: Dark Caracal and the Pallas malware family

Researchers from CSE ZLAB malware Analysis Laboratory analyzed a set of samples of the Pallas malware family used by the Dark Caracal APT in its hacking operations. The malware researchers from ZLab analyzed a collection of samples related to a new APT tracked as Dark Caracal, which was discovered by Electronic Frontier Foundation in collaboration […]

Pierluigi Paganini February 05, 2018
Cisco and FireEye Pointing Finger at North Korea Hacking Group For Adobe Flash 0-Day In The Wild

According to security researchers at Cisco and FireEye a North Korea Hacking Group is behind the attacks that exploited the recently discovered Adobe Flash 0-Day vulnerability. There have been over 1,000 Adobe Flash vulnerabilities since it was released. Designed to make website development easier and providing additional features not supported by standard web browsers, it also adds […]

Pierluigi Paganini February 02, 2018
Chinese Iron Tiger APT is back, a close look at the Operation PZChao

Chinese Iron Tiger APT is back, the new campaign, dubbed by Operation PZChao is targeting government, technology, education, and telecommunications organizations in Asia and the US. Malware researchers from Bitdefender have discovered and monitored for several months the activity of a custom-built backdoor capable of password-stealing, bitcoin-mining, and of course to gain full control of the […]

Pierluigi Paganini January 30, 2018
Three Dutch banks and Tax Agency under DDoS Attacks … is it a Russian job?

Three Dutch Banks (ABN AMRO, ING Bank, Rabobank) and Tax Agency were targeted by a coordinated DDoS Attacks a few days the revelation of the Russian APT Hack. Early this week a massive DDoS attack targeted three Dutch banks, ABN AMRO, ING Bank, Rabobank, and the Dutch Taxation Authority (Belastingdienst). The attack against the system of ABN AMRO started over the weekend, while […]

Pierluigi Paganini January 28, 2018
Iran-linked APT OilRig target IIS Web Servers with new RGDoor Backdoor

The Iran-linked cyber-espionage group tracked as OilRig started using a backdoor subbed RGDoor to target Internet Information Services (IIS) Web servers. The Iran-linked cyber-espionage group tracked as OilRig started using a backdoor dubbed RGDoor to target Internet Information Services (IIS) Web servers. The OilRig hacker group is an Iran-linked APT that has been around since at least 2015, when targeted mainly organizations in the financial and […]

Pierluigi Paganini January 26, 2018
Stealth CrossRAT malware targets Windows, MacOS, and Linux systems

The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware used by Dark Caracal for surveillance. Last week a joint report published by security firm Lookout and digital civil rights group the Electronic Frontier Foundation detailed the activity of a long-running hacking group linked to the Beirut Government and tracked as Dark […]

Pierluigi Paganini January 25, 2018
A look into the cyber arsenal used by Lazarus APT hackers in recent attacks against financial institutions

Security experts at Trend Micro have analyzed malware and a tool used by the Lazarus APT group in the recent attacks against financial institutions. Security experts at Trend Micro have analyzed the attacks conducted by the notorious Lazarus APT group against financial institutions. The activity of the Lazarus Group surged in 2014 and 2015, its […]

Pierluigi Paganini January 19, 2018
Triton Malware exploited a Zero-Day flaw in Schneider Triconex SIS controllers

The industrial giant Schneider discovered that the Triton malware exploited a zero-day vulnerability in Triconex Safety Instrumented System (SIS) controllers in an attack aimed at a critical infrastructure organization. In December 2017, a new malicious code dubbed Triton malware  (aka Trisis) was discovered by researchers at FireEye, it was specifically designed to target industrial control […]

Pierluigi Paganini January 19, 2018
Dark Caracal APT – Lebanese intelligence is spying on targets for years

A new long-running player emerged in the cyber arena, it is the Dark Caracal APT, a hacking crew associated with to the Lebanese General Directorate of General Security that already conducted many stealth hacking campaigns. Cyber spies belonging to Lebanese General Directorate of General Security are behind a number of stealth hacking campaigns that in […]