Malware Hunter – One year after its launch, Marco Ramilli shared the results of its project that has analyzed more than 1 Million malware samples. Malware Hunter – One year ago I decided to invest in static Malware Analysis automation by setting up a full-stack environment able to grab samples from common opensources and to […]
A new threat actor tracked as TA2101Â is conducting malware campaigns using email to impersonate government agencies in the United States, Germany, and Italy. A new threat actor, tracked as TA2101, is using email to impersonate government agencies in the United States, Germany, and Italy to multiple families of malware, deliver ransomware, and banking Trojans. The […]
Kaspersky discovered a previously unknown APT group, tracked as DarkUniverse, by analyzing Shadow Brokers’ “Lost in Translation” data dump. In 2017, a hacker group known as the Shadow Brokers stolen malware and hacking tools from the arsenal of the NSA-Linked Equation Group, then it published online the data dump called “Lost in Translation.” The dump […]
China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. Researchers at FireEye discovered a new backdoor tracked as MessageTap that China-linked APT41 group are using to spy on text messages sent or received by highly targeted individuals The experts found the […]
Experts at Fortinet analyzed NukeSped malware samples that share multiple similarities with malware associated with North Korea-linked APTs. Fortinet has analyzed the NukeSped RAT that is believed to be a malware in the arsenal of the Lazarus North-Korea linked APT group. The attribution to the Lazarus group is based on the similarities with other malware […]
Winnti Group is back with a new modular Win backdoor that was used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. Security experts at ESET revealed that Winnti Group continues to update its arsenal, they observed that the China-linked APT group using a new modular Windows backdoor that they used to infect the […]
Iran-linked APT group Charming Kitten employed new spear-phishing methods in attacks carried out between August and September. Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians. Microsoft Threat Intelligence Center (MSTIC) observed the APT group making more than 2,700 attempts to […]
FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target remote administration software of ATM vendor. Security experts at FireEye Mandiant discovered that the FIN7 hacking group has added new tools to its arsenal, including a new loader and a module that hooks into the legitimate […]
NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws Last week, the UKâs National Cyber Security Centre (NCSC) reported that advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors leverage VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure, to […]
The UKâs National Cyber Security Centre (NCSC) warns of attacks exploiting recently disclosed VPN vulnerabilities in Fortinet, Palo Alto Networks and Pulse Secure According to the UKâs National Cyber Security Centre (NCSC), advanced persistent threat (APT) groups have been exploiting recently disclosed VPN vulnerabilities in enterprise VPN products in attacks in the wild. Threat actors […]