Pierluigi Paganini
March 17, 2017
New APT Campaign based on Poison Ivy RAT with C&C in China has been reversed by MalwareMustDie who shared a lot of interesting details about the attack vectors and reverse techniques. Our travel along the great analysis of a fresh, new insidious APT China campaign. An ordinary case of phishing? At the beginning, it seemed […]
Pierluigi Paganini
February 17, 2017
A group of hackers tracked as ViperRAT is spying on the Israeli military by hacking into the soldiers’ personal Android mobile devices. A group of hackers, tracked as ViperRAT, is spying on the Israeli military by hacking into the soldiers’ personal Android mobile devices to track their activities and steal sensitive data. Experts from security firms […]
Pierluigi Paganini
January 19, 2017
Ukrenergo confirmed that preliminary results of its investigation showed that the Ukraine power outage that occurred in December was caused by hackers. In December 2016, the Government Ukraine energy company Ukrenergo suffered a severe power outage that affected the ”North” substation at Pivnichna. The incident caused blackouts in the city of Kyiv and neighboring regions. The […]
Pierluigi Paganini
January 06, 2017
Forcepoint has detected two new versions of an advanced persistent threat (APT) malware dubbed MM Core APT and first discovered in 2013. The APT MM Core malware has been in the wild since April 2013 when it was spotted for the first time by experts at FireEye. The malware researchers dubbed the first release of the […]
Pierluigi Paganini
December 22, 2016
The Russian APT group Fancy Bear used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016. The popular hacking group, known as Fancy Bear, APT 28, Pawn Storm, Sednit or Sofacy, is once again in the headlines. Experts from the cyber security firm CrowdStrike reported the alleged Russian nation-state actor used malware implant […]
Pierluigi Paganini
December 16, 2016
Microsoft discovered two distinct APT groups, PROMETHIUM and NEODYMIUM, that exploited the same Flash Player zero-day flaw on same targets. Security researchers have discovered two distinct APT groups, PROMETHIUM and NEODYMIUM, that exploited the same Flash Player zero-day vulnerability (CVE-2016-4117) in cyber espionage campaigns on Turkish citizens living in Turkey and various other European countries. Both […]
Pierluigi Paganini
December 15, 2016
The BlackEnergy hacker group that targeted the Ukrainian grid one year ago, now identified as TeleBots, are targeting Ukrainian banks. The BlackEnergy hacker group that targeted the Ukrainian grid one year ago causing a power outage in the country are now targeting Ukrainian banks. The Ukrainian government accused Russia of being involved in the attack, […]
Pierluigi Paganini
October 20, 2016
Experts from Kaspersky have discovered a new APT dubbed FruityArmor APT using a zero-day vulnerability patched this month by Microsoft. A new APT group, dubbed FruityArmor, targeted activists, researchers, and individuals related to government organizations. According to experts at Kaspersky Lab, the FruityArmor APT conducted targeted attacks leveraging on a Windows zero-day vulnerability, tracked as CVE-2016-3393, recently […]
Pierluigi Paganini
October 19, 2016
Experts at ElevenPaths, a Telefonica’s cyber security unit, provided further details on political cyberattacks leveraging on advanced malicious codes. On 19 July at 11pm Ankara time, Wikileaks published the first emails that were grabbed from the Turkish AKP. The organization led by Julian Assange, being in line with its policy on publication of secret information, […]
Pierluigi Paganini
August 22, 2016
The US Department of Energy (DOE) has awarded $34 million in funding to projects aimed at the protection of power grid from cyber attacks. A cyber attack against a critical infrastructure is an event that government doesn’t exclude, for this reason, one of the pillars of their cyber strategy is the adoption of countermeasures to improve their […]
