Cyber warfare Archives - Page 88 of 139

Pierluigi Paganini April 06, 2017

Operation Cloud Hopper – APT10 goes after Managed Service Providers

Security experts uncovered a widespread campaign tracked as Operation Cloud Hopper known to be targeting managed service providers (MSPs) worldwide. Chinese APT10 group is the main suspect. Security experts from PwC UK and BAE Systems have uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper, targeting managed service providers (MSPs) in multiple countries worldwide. The experts […]

Pierluigi Paganini April 05, 2017

ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure, SCADA and industrial control systems.

Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group have demonstrated this week a new proof of concept ransomware attack aiming to erase (clear) the ladder logic diagram in Programmable Logic Controllers (PLCs). The ransomware a.k.a ClearEnergy affects a massive […]

Pierluigi Paganini April 05, 2017

South Korean users targeted with a new stealthy malware, the ROKRAT RAT

Security experts at CISCO Talos have spotted a new insidious remote access tool dubbed ROKRAT that implements sophisticated anti-detection measures. The ROKRAT RAT targets Korean users, people using the popular Korean Microsoft Word alternative Hangul Word Processor (HWP). In the past, we saw other attacks against people using the HWP application. The ROKRAT RAT was used […]

Pierluigi Paganini April 04, 2017

Joining the dots between the ancient Moonlight Maze espionage campaigns and the Turla APT

Experts at Kaspersky presented the findings of its research that definitively connect the Moonlight Maze cyber espionage campaigns to the Turla APT group. One year ago, the researcher Thomas Rid at the Security Analyst Summit disclosed the alleged links between the Moonlight Maze cyber espionage operation of mid 1990s and the Turla APT. Today at […]

Pierluigi Paganini April 01, 2017

German Military to Launch the Bundeswehr’s new Cyber and Information Space Command

Today the German Military is going to launch a cyber command, the Bundeswehr’s new Cyber and Information Space (CIR) Command. Today the German Military is going to launch a cyber command, the Bundeswehr’s new Cyber and Information Space (CIR) Command, a structure that is considered strategic for the defence of the country from cyber attacks. According […]

Pierluigi Paganini March 31, 2017

Turla hacking group continues to improve its Carbon backdoor

The Russian group Turla has continued to improve its Carbon backdoor, experts from ESET detected new versions released on a regular basis. The Russian APT group known as Turla (also known as Waterbug, KRYPTON and Venomous Bear) has continued to improve its Carbon backdoor, experts from ESET detected new versions released on a regular basis. Carbon is a […]

Pierluigi Paganini March 30, 2017

President Donald Trump is going to extend by one year the Executive Order 13694

US President Trump is extending by one year special powers introduced by President Obama with the Executive Order 13694 on cyber security. The US President Donald Trump intends to extend by one year the Executive Order 13694 that gives the US Governments special powers to issue sanctions against people and organizations engaged in significant cyberattacks and cybercrime against […]

Pierluigi Paganini March 28, 2017

APT29 group used domain fronting to evade detection long before these techniques were widely known

Experts at FireEye discovered the APT29 group adopted domain fronting long before these techniques were widely known in the IT security community. Security firm FireEye continues to follow APT29 group (aka The Dukes, Cozy Bear and Cozy Duke), on Monday it revealed that the cyber spies have been using a technique called “domain fronting” to make hard […]

Pierluigi Paganini March 27, 2017

Top German official said Germany blocked Russian APT28 cyber attacks in 2016

According to a German top official, Germany warded off two cyber attacks launched by the Russian state actor APT28 group in 2016. On Friday, a top German official told Reuters that last year Germany warded off two cyber attacks launched by the Russian APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) According to Arne Schoenbohm, president of […]

Pierluigi Paganini March 25, 2017

Spear phishing campaign targeted Saudi Arabia Government organizations

Security researchers at MalwareBytes have uncovered a spearphishing campaign that targeted Saudi Arabia Government organizations. Security experts at MalwareBytes have spotted a new spear phishing campaign that is targeting Saudi Arabia governmental organizations. According to the experts, the campaign already targeted about a dozen Saudi agencies. Attackers used weaponized Word document and tricked victims into opening them […]

Cyber warfare

Operation Cloud Hopper – APT10 goes after Managed Service Providers

ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure, SCADA and industrial control systems.

South Korean users targeted with a new stealthy malware, the ROKRAT RAT

Joining the dots between the ancient Moonlight Maze espionage campaigns and the Turla APT

German Military to Launch the Bundeswehr’s new Cyber and Information Space Command

Turla hacking group continues to improve its Carbon backdoor

President Donald Trump is going to extend by one year the Executive Order 13694

APT29 group used domain fronting to evade detection long before these techniques were widely known

Top German official said Germany blocked Russian APT28 cyber attacks in 2016

Spear phishing campaign targeted Saudi Arabia Government organizations

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

The U.S. House banned WhatsApp on government devices due to security concerns

QUICK LINKS

Cyber warfare

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!