Cyber warfare

Pierluigi Paganini October 19, 2017
Cyber espionage – China-Linked group leverages recently patched .NET Flaw

Security researchers at Proofpoint spotted a cyber espionage campaign conducted by a group previously linked to China. The hackers have been using a recently patched .NET vulnerability, tracked as CVE-2017-8759, in attacks aimed at organizations in the United States. “Proofpoint researchers are tracking an espionage actor targeting organizations and high-value targets in defense and government. […]

Pierluigi Paganini October 18, 2017
BAE Systems report links Taiwan heist to North Korean LAZARUS APT

Researchers at BAE Systems investigated the recent cyber-heist that targeted a bank in Taiwan and linked the action to the notorious Lazarus APT group. The activity of the Lazarus APT Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks and experts that investigated on the crew consider it highly sophisticated. […]

Pierluigi Paganini October 16, 2017
Iranian hackers compromised the UK leader Theresa May’s email account along with other 9,000 emails

Iranian hackers compromised 9,000 UK emails in ‘brute force’ cyber attack that was initially attributed to Russian state-sponsored hackers. On June 23, around 9,000 email accounts, including those belonging to Theresa May and other Cabinet Ministers, were hacked in the 12-hour “sustained and determined” attack cyber attack. “According to intelligence officials, the cyberattack “bombarded parliamentary email […]

Pierluigi Paganini October 15, 2017
Swedish transport agencies targeted in DDoS cyber attacks

Swedish transport agencies were hit by cyber attacks on Wednesday and Thursday, October 11 and 12, is it Information Warfare? Swedish transport authorities were hit by cyber attacks on Wednesday and Thursday, October 11 and 12. The attacks have brought down several IT systems causing delays of the train transportation. The first attack hit the Sweden Transport […]

Pierluigi Paganini October 14, 2017
Security Service of Ukraine of a new wave of large-scale NotPetya-like attack

The Security Service of Ukraine warning their citizens of a new “large-scale” cyber attack similar to NotPetya that could take place between Oct 13 and 17 In June the NotPetya ransomware compromised thousands of businesses and organizations worldwide, most of them in Ukraine. Now, the Ukrainian authorities warning their citizens of a new “large-scale” cyber attack similar to NotPetya. The Ukrainian Secret […]

Pierluigi Paganini October 11, 2017
Israel hackers caught Russian cyber spies abusing Kaspersky AV to steal NSA secrets

Israeli hackers compromised the Kaspersky infrastructure and caught Russian spies using AV tool to harvest NSA exploits. Kaspersky was not aware of the hack. There is still a heated discussion about the alleged hack of Kaspersky’s antivirus and its use to steal an NSA exploit from a US subcontractor. Explosive new revelations put at risk […]

Pierluigi Paganini October 10, 2017
Iran-linked OilRig hacked group use a new Trojan in Middle East Attacks

The Iran-Linked cyberespionage group OilRig has been using a new Trojan in attacks aimed at targets in the Middle East. Experts from Palo Alto Networks spotted a new campaign launched by the notorious APT group OilRig against an organization within the government of the United Arab Emirates (UAE). The OilRig hacker group is an Iran-linked APT that has been around since at least […]

Pierluigi Paganini October 09, 2017
North Korea hackers threaten Irish companies with ‘almost daily’ attacks

State-sponsored hackers from North Korea are launching almost daily attacks on Irish companies and critical infrastructure North Korean state-sponsored hackers are launching almost daily attacks on Irish companies and critical infrastructure, they are also suspected to be responsible for the €4.3m cyber heist on Meath County Council in October 2016. Ireland is considered a privileged […]

Pierluigi Paganini October 06, 2017
Zapad drills – Russia may have tested cyber weapons on Latvia

According to intelligence experts the recent Zapad drills conducted by Russia simulated an attack on all Baltic countries, it included the use of cyber weapons. Baltic and NATO officials claim Russia was behind outage in Latvia’s mobile communications network before Russia’s war games in September code-named Zapad. According to the expert, Russia may have tested one […]

Pierluigi Paganini October 05, 2017
CSE CybSec ZLAB Malware Analysis Report: APT28 Hospitality malware

The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle […]