Intelligence

Pierluigi Paganini December 03, 2023
New Agent Raccoon malware targets the Middle East, Africa and the US

Threat actors are using the Agent Raccoon malware in attacks against organizations in the Middle East, Africa and the U.S. Unit42 researchers uncovered a new backdoor named Agent Raccoon, which is being used in attacks against organizations in the Middle East, Africa, and the U.S. The malware was used in attacks against multiple industries, including […]

Pierluigi Paganini December 01, 2023
US govt sanctioned North Korea-linked APT Kimsuky

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky. The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) this week announced sanctions against the North Korea-linked APT group Kimsuky. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in […]

Pierluigi Paganini November 18, 2023
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine

Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB. Check Point researchers observed Russia-linked Gamaredon spreading the worm called LitterDrifter via USB in attacks against Ukraine. Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) has been active since 2014 and its activity focuses on Ukraine, the group was observed using the multistage backdoor Pteranodon/Pterodo. The Gamaredon APT group continues to carry out […]

Pierluigi Paganini November 14, 2023
Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark’s SektorCERT. In May, Danish critical infrastructure faced the biggest cyber attack on record that hit the country, reported SektorCERT, Denmark’s Computer Security Incident Response Team (CSIRT) for the critical infrastructure sectors. A first wave of attacks […]

Pierluigi Paganini October 31, 2023
Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks. The ban will be effective starting from October 30, […]

Pierluigi Paganini October 27, 2023
France agency ANSSI warns of Russia-linked APT28 attacks on French entities

France National Agency for the Security of Information Systems warns that the Russia-linked APT28 group has breached several critical networks. The French National Agency for the Security of Information Systems ANSSI (Agence Nationale de la sĂ©curitĂ© des systĂšmes d’information) warns that the Russia-linked APT28 group has been targeting multiple French organizations, including government entities, businesses, universities, […]

Pierluigi Paganini October 26, 2023
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks

Russia-linked threat actor Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software. Russian APT group Winter Vivern (aka TA473) has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023. ESET researchers pointed out that is a different vulnerability than CVE-2020-35730, that the group exploited in other attacks. The Winter […]

Pierluigi Paganini October 24, 2023
Former NSA employee pleads guilty to attempted selling classified documents to Russia

A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia. Jareh Sebastian Dalke (31), a former NSA employee has admitted to attempting to convey classified defense information to Russia, pleading guilty to the charges. The man pleaded guilty today to six counts of attempting to transmit classified […]

Pierluigi Paganini October 23, 2023
Don’t use AI-based apps, Philippine defense ordered its personnel

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits. The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them. On October 14, Defense Secretary Gilberto Teodoro Jr. issued the directive to ban the AI-based applications. “Defense […]

Pierluigi Paganini October 22, 2023
MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted. The head of MI5, Ken McCallum, warns that Chinese spies targeted more than 20,000 people in the UK. During a meeting of security chiefs of the Five Eyes alliance held in California, McCallum told […]