Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The OilRig APT group, the threat actor behind the DNSpionage malware campaign, is carrying out a new sophisticated and targeted operation that infects victims […]
Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten). Thanks to the leaked source code it is now possible to check APT34 implementations and techniques. Contest: Since at least 2014, an Iranian threat group tracked by FireEye as APT34 has […]
Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah” used pages hosted on Bit.ly, BlogSpot, and Pastebin as a command-and-control (C2) infrastructure to distribute the RevengeRAT. Attackers hit organizations […]
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Attackers hacked support agent to access Microsoft Outlook email accounts Major coordinated disinformation campaign hit the Lithuanian Defense Romanian duo convicted of fraud Scheme infecting 400,000 computers Security Affairs […]
A new service called Inpivx represents the evolution of the ransomware-as-a-service making it very easy for wannabe crooks to develop their malware and build a management panel. A new Tor hidden service called Inpivx evolves the concept of the ransomware-as-a-service making it very easy for crooks without technical skills to develop their own malware and […]
British malware researcher Marcus Hutchins has pleaded guilty to developing and sharing the banking malware between July 2014 and July 2015. The popular British cybersecurity expert Marcus Hutchins has pleaded guilty to developing and sharing the Kronos banking malwarebetween July 2014 and July 2015. Marcus Hutchins, also known as MalwareTech, made the headlines after discovering […]
Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. Security researchers at Palo Alto Networks reported that Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. OilRig is an Iran-linked APT group that has been […]
A new variant of the HawkEye data stealer emerges in the threat landscape as part of ongoing malware distribution campaigns. New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for […]
Cyber security firm FireEye announced the release of FLASHMINGO, a new open source tool designed to automate the analysis of Adobe Flash files. FireEye released FLASHMINGO, a new open source tool designed to automate the analysis of Adobe Flash files. Adobe Flash is one of the most exploited software components of the last decade, even […]
Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. The Scranos rootkit malware was first discovered late last year when experts at Bitdefender were analyzing a new password- and data-stealing operation leveraging around a rootkit driver digitally signed with a stolen […]