Intelligence

Pierluigi Paganini June 08, 2019

German intelligence agencies could hack servers, smartphones and any other devices under a draft law drawn up by the German Interior Ministry. The German Interior Ministry would allow the German domestic and foreign intelligence services are to hack into computers and smartphones under a draft law. According to the draft law, the country’s intelligence agencies […]

Pierluigi Paganini June 04, 2019
A month later Gamaredon is still active in Eastern Europe

Gamaredon continues to target Ukraine, Yoroi-Cybaze ZLab spotted a new suspicious activity potentially linked to the popular APT group Introduction The Gamaredon attacks against Ukraine don’t seem to have stopped. After a month since our last report we spotted a new suspicious email potentially linked to the Gamaredon group. The group was first discovered by Symantec and TrendMicro in 2015 but […]

Pierluigi Paganini May 30, 2019
Emissary Panda APT group hit Government Organizations in the Middle East

Chinese Cyber-Spies Target Government Organizations in Middle East Chinese APT group Emissary Panda has been targeting government organizations in two different countries in the Middle East. Experts at Palo Alto Networks reported that the Chinese APT group Emissary Panda (aka APT27, TG-3390, Bronze Union, and Lucky Mouse) has been targeting government organizations in two different […]

Pierluigi Paganini May 23, 2019
UK provided evidence to 16 NATO allies of Russia hacking campaigns

UK Government has provided to 16 NATO allies evidence of malicious Russia ‘s cyber activity in their countries over the last 18 months. According to the foreign minister Jeremy Hunt, the UK Government has provided to 16 NATO allies evidence of cyber attacks carried out by Russia against their countries over the last 18 months. […]

Pierluigi Paganini May 19, 2019
Dutch intelligence investigate alleged Huawei ‘backdoor’

Dutch intelligence services are probing Huawei for possibly spying for the Chinese government by using a “back door” in equipment of major telecoms firms. Dutch intelligence probes Huawei for possibly spying for the Chinese government by using a “back door” in the equipment used by major telecoms firms. Dutch intelligence shares the concerns raised by […]

Pierluigi Paganini May 07, 2019
Buckeye APT group used Equation Group tools prior to ShadowBrokers leak

China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to Shadow Brokers leak. China-linked APT group tracked as APT3 (aka Buckeye, APT3, UPS Team, Gothic Panda, and TG-0110) was using a tool attributed to the NSA-linked Equation Group more than one year prior […]

Pierluigi Paganini May 01, 2019
MIVD Dutch intelligence warns of Russian, Chinese cyber espionage

The Military Intelligence and Security Service (MIVD) warn of “worrying” cyber espionage activities carried out by Russia and China. The Military Intelligence and Security Service (MIVD) warn of “worrying” cyber espionage activities carried out by Russia and China. The warning is included in the annual report published by the Dutch intelligence that cited as an […]

Pierluigi Paganini April 22, 2019
Russian Twitter bot activity increased in the wake Mueller report release

Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Experts at security firm SafeGuard reported that Russian Twitter bot activity raised up by 286 percent in the wake of the release of the Mueller Report. Social media platforms […]

Pierluigi Paganini April 19, 2019
Source code of tools used by OilRig APT leaked on Telegram

Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan have disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as OilRig, APT34, and HelixKitten. OilRig is an Iran-linked APT group that has been […]

Pierluigi Paganini April 18, 2019
APT28 and Upcoming Elections: evidence of possible interference (Part II)

In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction The uncertain attribution of the Ukrainian themed malicious document discussed in our past article “APT28 and Upcoming Elections: Possible Interference Signals”, led us to a review of Sofacy’s phishing techniques to confirm or […]