Intelligence

Pierluigi Paganini July 20, 2019
0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about internal projects. Attackers have hacked SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and exfiltrated data about internal projects. According to the Russian media, SyTech has been working with FSB […]

Pierluigi Paganini July 20, 2019
Former NSA contractor sentenced to 9 years for stealing classified data

The former NSA contractor who pled guilty to stealing over 50TB of data from the Agency, was sentenced to nine years in prison The former National Security Agency contractor Harold Thomas Martin III, who was accused and subsequently pled guilty to stealing over 50TB of classified NSA data, was sentenced to nine years in prison. The man was […]

Pierluigi Paganini July 19, 2019
Israel surveillance firm NSO group can mine data from major social media

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. NSO is based in Herzliya, near […]

Pierluigi Paganini July 02, 2019
After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Security experts spotted a news wave of attacks carried out by the OceanLotus APT group that involved the new Ratsnif Trojan. Experts at the security firm Cylance detected a new RAT dubbed Ratsnif that was used in cyber espionage operations conducted by the OceanLotus APT group. The OceanLotus APT group, also known as APT32 or Cobalt Kitty, is state-sponsored group that […]

Pierluigi Paganini June 28, 2019
Regin spyware involved in attack against the Russian tech giant Yandex

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. The Regin malware has been […]

Pierluigi Paganini June 28, 2019
Cloud Hopper operation hit 8 of the world’s biggest IT service providers

A long-running operation carried out by China-linked hackers, and tracked as Cloud Hopper, has targeted clients of major companies, including IBM, HPE, Tata CS, Fujitsu, and NTT. Hackers broke into the internal networks on major companies, such as HPE and IBM, and stole corporate data and trade secrets. Then the attackers used the stolen information […]

Pierluigi Paganini June 26, 2019
Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Operation Soft Cell – Experts at Cybereason discovered that China-linked hackers have breached numerous telco providers controlling their networks. Researchers at Cybereason uncovered an ongoing long-running espionage campaign, tracked as Operation Soft Cell, that targets telco providers. Tactics, techniques, and procedures, and the type of targets suggest the involvement of a nation-state actor likely linked […]

Pierluigi Paganini June 21, 2019
Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspies used a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Recent campaigns demonstrate that Turla continues to evolve its arsenal and adopt news […]

Pierluigi Paganini June 09, 2019
Security Affairs newsletter Round 217 – News of the week

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! ESET analyzes Turla APTs usage of weaponized PowerShell Leicester City Football Club disclosed a card breach ProtonMail denies that it spies on users for government agencies Expert shows how […]

Pierluigi Paganini June 08, 2019
Hunting the ICEFOG APT group after years of silence

A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. Chi-en (Ashley) Shen, a senior security researcher at FireEye, collected evidence that demonstrates that China-linked APT group ICEFOG (aka Fucobha) is still active. The activities of the APT group were first uncovered by Kaspersky […]