Pierluigi Paganini
November 13, 2018
Security firm Cylance has uncovered a sophisticated state-sponsored campaign, tracked as Operation Shaheen, against the Pakistan Air Force. According to the experts the campaign was carried out by a nation-state actor tracked as the White Company with access to zero-day exploits and exploit developers. “The preliminary findings detail one of the group’s recent campaigns, a year-long espionage effort […]
Pierluigi Paganini
November 11, 2018
Experts at Volexity discovered that a recently patched remote code execution flaw (CVE-2018-15961) affecting the Adobe ColdFusion has been exploited in the wild. Security experts from Volexity reported that attackers in the wild are exploiting a recently patched remote code execution vulnerability affecting the Adobe ColdFusion. The flaw, tracked as CVE-2018-15961, is an unrestricted file upload vulnerability, successful exploitation could lead to […]
Pierluigi Paganini
November 10, 2018
North Korea-linked Lazarus Group has been using FastCash Trojan to compromise AIX servers to empty tens of millions of dollars from ATMs. Security experts from Symantec have discovered a malware, tracked as FastCash Trojan, that was used by the Lazarus APT Group, in a string of attacks against ATMs. The ATP group has been using this malware […]
Pierluigi Paganini
October 19, 2018
Security researchers from McAfee have recently uncovered a cyber espionage campaign, tracked as Operation Oceansalt, targeting South Korea, the United States, and Canada. The threat actors behind Operation Oceansalt are reusing malware previously associated with China-linked cyberespionage group APT1. “McAfee Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users.” reads the report. “We […]
Pierluigi Paganini
October 18, 2018
Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy. Security experts from ESET published a detailed analysis of a recently discovered threat actor tracked as GreyEnergy, its activity emerged in concurrence with BlackEnergy operations. ESET researchers have spotted a new strain of malware tracked as Exaramel […]
Pierluigi Paganini
October 16, 2018
Kaspersky experts published a detailed analysis of the attacks conducted by the Russian-linked cyber espionage group DustSquad. Earlier October, security experts from ESET shared details about the operations of a cyber espionage group tracked as Nomadic Octopus, a threat actor focused on diplomatic entities in Central Asia. The group has been active since at least 2015, ESET researchers presented […]
Pierluigi Paganini
October 11, 2018
A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. According to researchers from Symantec, who first spotted the threat actor, the group has launched attacks on several overseas embassies […]
Pierluigi Paganini
October 10, 2018
A Windows zero-day flaw addressed by Microsoft with its latest Patch Tuesday updates is exploited by an APT group in attacks aimed at entities in the Middle East. The Windows zero-day vulnerability tracked as CVE-2018-8453 is a privilege escalation flaw that was exploited by an APT group in attacks against entities in the Middle East. The flaw, tracked as […]
Pierluigi Paganini
October 10, 2018
Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector. […]
Pierluigi Paganini
October 08, 2018
Researchers from Kaspersky Lab collected evidence that demonstrates overlaps between the activity of Russian APT groups Turla and Sofacy. In March, during the Kaspersky Security Analyst Summit held in Cancun, Kurt Baumgartner, Kaspersky principal security researcher, revealed the activity associated with Sofacy APT group appears to overlap with campaigns conducted by other cyber espionage groups. Baumgartner […]
APT / February 05, 2026
