Cybaze-Yoroi ZLab analyzed a new implant employed by a North Korea-linked APT group, tracked as Kimsuky, in attacks on South Korea. Introduction Recently we have observed a significant increase in state-sponsored operations carried out by threat actors worldwide. APT34, Gamaredon, and Transparent Tribe are a few samples of the recently uncovered campaigns, the latter was spotted after four […]
The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl that employed a new family of malware. The attackers aimed at stealing databases and source […]
Security experts from Yoroy-Cybaze ZLab have conducted a detailed analysis of an implant used by the Gamaredon APT group in a recent campaign. Introduction Gamaredon Group is a Cyber Espionage persistent operation attributed to Russians FSB (Federal Security Service) in a long-term military and geo-political confrontation against the Ukrainian government and more in general against […]
Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world Iran-linked attackers targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies as part of the Fox Kitten Campaign. During the last quarter of 2019, experts from security firm ClearSky uncovered a hacking campaign tracked […]
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) released reports on North Korea-linked HIDDEN COBRA malware. The FBI, the US Cyber Command, and the Department of Homeland Security have published technical details of a new North-Korea linked hacking operation. The government experts released new and updated Malware Analysis Reports (MARs) […]
Security experts uncovered a new cyberespionage campaign conducted by one of the Gaza Cybergang groups (aka MoleRATs) targeting the Middle East. Experts from the Cybereason Nocturnus team have uncovered a cyber espionage campaign allegedly carried out by one of the Gaza Cybergang groups (aka MoleRATs). MoleRATs is an Arabic-speaking, politically motivated group of hackers that […]
Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet Explorer zero-day tracked as CVE-2020-0674 reportedly exploited by the APT group. In January, Microsoft has […]
Winnti Group has compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Hackers from the China-linked Winnti group have compromised computer systems at two Hong Kong universities during the Hong Kong protests that started in March 2019. Researchers from ESET discovered the attacks in November 2019 […]
Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers. This week, Mitsubishi Electric disclosed a security breach that might have […]
Hackers used a remote access Trojan (RAT) associated with Iran-linked APT groups in recent attacks on a key organization in the European energy sector. Security experts from Recorded Future reported that a backdoor previously used in attacks carried out by an Iran-linked threat actor was used to target a key organization in the European energy […]