Intelligence

Pierluigi Paganini July 15, 2018
Update CSE Malware ZLab – Operation Roman Holiday – Hunting the Russian APT28

Researchers from the Z-Lab at CSE Cybsec analyzed a new collection of malware allegedly part of a new espionage campaign conducted by the APT28 group. It was a long weekend for the researchers from the Z-Lab at CSE Cybsec that completed the analysis a number of payloads being part of a new cyber espionage campaign […]

Pierluigi Paganini July 15, 2018
Trump might ask Putin to extradite the 12 Russian intelligence officers

A few hours before the upcoming meeting between Donald Trump and Vladimir Putin, the US President said he might ask the extradition to the US of the 12 Russian intelligence officers accused of being involved in attacks against the 2016 presidential election. Ahead of the Trump-Putin meeting in Helsinki on Monday, the US President announced that he […]

Pierluigi Paganini July 14, 2018
12 Russian Intel Officers charged of hacking into U.S. Democrats

The week closes with the indictment for twelve Russian intelligence officers by a US grand jury. The charges were formulated just three days before President Donald Trump is scheduled to meet with Vladimir Putin. The special Counsel Robert Mueller, who indicted on February 13 Russians for a massive operation aimed to influence the 2016 Presidential election, […]

Pierluigi Paganini July 12, 2018
China-based TEMP.Periscope APT targets Cambodia’s elections

FireEye uncovered a large-scale Chinese phishing and hacking campaign powered by Temp.periscope APT aimed at Cambodia’s elections. Security researchers at FireEye have uncovered a large-scale Chinese phishing and hacking campaign aimed at Cambodia’s elections. The hackers distributed a remote access trojan (RAT) and data exfiltration operation targeting the poll. The experts from FireEye attributed the attacks to an APT group tracked […]

Pierluigi Paganini July 06, 2018
Hamas cyber-operatives lure Israeli soldiers to spyware hidden in tainted apps

Israeli military intelligence accused Hamas operatives of creating tainted apps to lure soldiers into downloading spyware onto their phones. According to a report published by the Israeli military, Hamas hackers are attempting to lure Israel Defence Forces (IDF) soldiers into installing tainted apps on their devices. Israeli military already blamed Hamas of similar attacks, but this […]

Pierluigi Paganini July 03, 2018
Iranian Charming Kitten ATP group poses as Israeli cybersecurity firm in phishing campaign

Iranian APT groups continue to very active, recently Charming Kitten cyber spies attempted to pose as an Israeli cyber-security firm that uncovered previous hacking campaigns. The Iranian Charming Kitten ATP group, aka Newscaster or Newsbeef,  launched spear phishing attacks against people interested in reading reports about it. The Newscaster group made the headlines in 2014 when experts at iSight issued a report describing the […]

Pierluigi Paganini July 02, 2018
NSA began deleting all call detail records (CDRs) acquired since 2015

NSA is deleting hundreds of millions of records of phone calls and text messages dating back to 2015 due to technical irregularities. The US National Security Agency announced it is deleting hundreds of millions of records of phone calls and text messages dating back to 2015 due to technical irregularities in some data received from telecommunications service providers. “Consistent with […]

Pierluigi Paganini June 27, 2018
Recently discovered RANCOR cyber espionage group behind attacks in South East Asia

Security researchers at Palo Alto Networks have uncovered a new cyber espionage group tracked as RANCOR that has been targeting entities in South East Asia. According to the experts, the RANCOR APT group has been targeting political entities in Singapore, Cambodia, and Thailand, and likely in other countries, using two previously unknown strain of malware. The two […]

Pierluigi Paganini June 25, 2018
China Tick APT group targeting air-gapped systems in Asia

Palo Alto Networks experts uncovered a new operation conducted by the cyber espionage group known as Tick APT that has been targeting a secure USB drive built by a South Korean defense company.  The Tick APT group has been active for at least a decade, tracked also as Bronze Butler, it was first spotted in 2016 by […]

Pierluigi Paganini June 20, 2018
Olympic Destroyer was involved in a new wave of cyber attacks

Olympic Destroyer, the malicious code that was used in attacks against Winter Games in Pyeongchang, was involved in a new wave of cyber attacks. The same malware used in recent Olympic Winter Games in Pyeongchang, tracked as Olympic Destroyer, has been used in a new wave of attacks against organizations in Germany, France, the Netherlands, Russia, Switzerland, […]