According to Kaspersky, the Sofacy APT is particularly interested in military, defense and diplomatic entities in the far east, but overlap with other APT’s operations makes hard the attribution. Last week, during the Kaspersky Security Analyst Summit (SAS) held in Cancun, researchers from Kaspersky illustrated the results of their investigation on the recent activities conducted by the […]
Researchers from the ISC SANS group and the Anti-DDoS company Imperva discovered two distinct campaigns targeting Windows Server, Redis and Apache Solr servers online. Last week new mining campaigns targeted unpatched Windows Server, Apache Solr, and Redis servers, attackers attempted to install the cryptocurrency miner Coinminer. Two campaigns were spotted by researchers from the ISC SANS group and the […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Once again thank you! GCHQ fears energy smart meters could expose millions of Bretons to hack Recent Memcached DDoS attacks drive RDoS extortion practice Applebee restaurants suffered payment card breach Critical flaw in Pivotals Spring Data REST […]
ESET collected evidence of Hacking Team ‘activity post-hack, the company published an interesting analysis based on post hack samples found in the wild. Security researchers at ESET have spotted in fourteen countries previously unreported samples of the Remote Control System (RCS), the surveillance software developed by the Italian Hacking Team, in fourteen countries. Malware researchers […]
According to Citizen Lab, some governments are using Sandvine network gear installed at internet service providers to deliver spyware and cryptocurrency miners. Researchers at human rights research group Citizen Lab have discovered that netizens in Turkey, Egypt and Syria who attempted to download legitimate Windows applications from official vendor websites (i.e. Avast Antivirus, CCleaner, Opera, and 7-Zip) […]
McAfee Advanced Threat Research team discovered that the Hidden Cobra APT group is targeting financial organizations in Turkey. North Korea-linked APT group Hidden Cobra (aka Lazarus Group) is targeting the Turkish financial system. Experts from McAfee observed the hackers using the Bankshot implant in targeted attacks against the financial organizations in Turkey. The attack resembles previous attacks conducted […]
In just one night a Russian crime gang stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank. Cybercriminals stole 3.8 million slopes (860,000 euros) from 32 ATMs belonging to the Raiffeisen Romania bank using an infected RTF document. The criminal organization led by Dmitriy Kvasov operated in Romania, the gang stole […]
Microsoft experts observed more than more than 500,000 computers infected with Dofoil Trojan used to download a cryptocurrency miner. A few days ago, researchers at Microsoft announced that Windows Defender Antivirus blocked more than 80,000 instances of several malicious code that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. According to Microsoft, the malware were […]
Security experts devised a stealth attack technique dubbed CIGslip that could be exploited by attackers to bypass Microsoft Code Integrity Guard (CIG) Security researchers at Morphisec discovered a discovered stealth attack technique dubbed CIGslip that could be exploited by attackers to bypass Microsoft Code Integrity Guard (CIG) and inject malicious libraries into protected processes. “Morphisec researchers Michael […]
According to Kaspersky Lab, threat actors behind the recent Olympic Destroyer attack planted sophisticated false flags inside their malicious code. On February 9, shortly before the Pyeongchang opening ceremonies on Friday, televisions at the main press centre, wifi at the Olympic Stadium and the official website were taken down. Hackers used the so-called Olympic Destroyer, a strain […]