Cyber warfare

Pierluigi Paganini June 11, 2018
Former GCHQ chief Hannigan warns of Russia’s aggressive approach to cyberspace

According to the former GCHQ chief, the recently discovered VPNFilter botnet demonstrates that Russia appears to be live-testing cyberattacks. Former GCHQ chief Robert Hannigan has warned that the availability of hacking tools in the main marketplaces is rapidly changing the threat landscape. Hannigan served as the director of the UK intelligence agency from November 2014 until January 2017. Threat actors have an […]

Pierluigi Paganini June 09, 2018
Chinese state-sponsored hackers steal 600GB U.S. Navy data

According to a report published by The Washington Post, Chinese hackers have stolen a huge trove of sensitive data from a U.S. Navy contractor. China-linked hackers have stolen a huge trove of sensitive data from a U.S. Navy contractor, the Washington Post reported Friday. The threat actors stole more than 614 gigabytes of data including secret plans to develop a […]

Pierluigi Paganini June 07, 2018
Russia-linked Sofacy APT group adopts new tactics and tools in last campaign

The Sofacy APT group (APT28, Pawn Storm, Fancy Bear, Sednit, Tsar Team, and Strontium) continues to operate, and thanks to rapid and continuous changes of tactics the hackers are able to remain under the radar. According to experts from Palo Alto Networks, the hackers also used new tools in recent attacks; recently the APT group has shifted the focus of its interest from NATO member […]

Pierluigi Paganini June 04, 2018
North Korea-Linked Covellite APT group stopped targeting organizations in the U.S.

A North Korea-linked APT group, tracked by experts at industrial cybersecurity firm Dragos as Covellite, has stopped targeting US organizations. However, the group, which is believed to be linked to the notorious Lazarus APT group, is continuing to target organizations in Europe and East Asia. The group has been around at least since 2017 and is still active, […]

Pierluigi Paganini May 30, 2018
US-CERT issued an alert on two malware strains associated with North Korea-linked APT Hidden Cobra

The Department of Homeland Security (DHS) and the FBI issued a joint Technical Alert on two strains of malware, the Joanap backdoor Trojan and the Brambul Server Message Block worm, associated with the HIDDEN COBRA North Korea-linked APT group. The US-CERT alert reads: “Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators […]

Pierluigi Paganini May 28, 2018
Researchers And The FBI Work Together to Take Down the Russian VPNFilter Botnet Targeting Home Routers

Researchers and the FBI are working together to take down the dreaded VPNFilter botnet composed of hundreds of thousands of compromised devices. For several months, there have been rumors and vague warnings about highly skilled adversaries targeting critical infrastructure. Last week we learned some details about the warning, why you might be impacted and how […]

Pierluigi Paganini May 24, 2018
Xenotime, threat actor behind Triton malware, broadens its activities

The threat actor behind the Triton malware (aka Trisis, Xenotime, and HatMan) is now targeting organizations worldwide and safety systems. The attackers are expanding their targets, and new variants are able to attack systems other than Schneider Electric’s Triconex systems. The malware was first spotted in December 2017 by researchers at FireEye, who discovered that it was specifically designed to […]

Pierluigi Paganini May 23, 2018
Huge Russia-Linked botnet VPNFilter ready to launch a massive attack on Ukraine

Security firm Talos, along with other cybersecurity firms and law enforcement agencies, has uncovered a huge botnet dubbed VPNFilter, composed of more than 500,000 compromised routers and network-attached storage (NAS) devices. The experts believe VPNFilter was developed by Russia, and the associated malware appears to be very sophisticated; at the time, they discovered more than 500,000 compromised devices across […]

Pierluigi Paganini May 22, 2018
North Korea-linked Sun Team APT group targets defectors with Android Malware

A North Korea-linked APT group tracked as Sun Team has targeted North Korean defectors with a malicious app that was published in the official Google Play store. The campaign, named RedDawn by security experts at […]

Pierluigi Paganini May 15, 2018
Dutch Government plans to phase out the use of Kaspersky solutions

The Dutch Government plans to phase out the use of Kaspersky solutions, while the security firm confirmed that its code infrastructure is going to move to Switzerland. The antivirus firm Kaspersky Lab made the headlines again: the company confirmed that its code infrastructure is going to move to Switzerland. The news arrives just after the comment from the Netherlands […]