Chinese TEMP.Periscope cyberespionage group targeted a UK-based engineering company using TTPs associated with Russia-linked APT groups. Attribution of cyber attacks is always a hard task, in many cases attackers use false flags to masquerade their identities. Chinese hackers have targeted a UK-based engineering company using techniques and artifacts attributed to the Russia-linked APT groups Dragonfly and […]
Experts from Symantec collected evidence that APT28 group returns to covert intelligence gathering operations in Europe and South America. APT28 state-sponsored group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) seems to have shifted the focus for its operations away from election interference to cyber espionage activities. The APT28 group has been active since at least 2007 and it has targeted governments, […]
Security experts from ESET have spotted the first UEFI rootkit of ever, the code tracked as LoJax was used in attacks in the wild. Security researchers from ESET have discovered a new piece of a sophisticated malware used by the Russia-linked Sednit group (aka Fancy Bear, APT28, Pawn Storm, Sofacy Group, and STRONTIUM) in targeted attacks aimed at government entities in the Balkans as […]
Microsoft has spotted a new hacking campaign targeting 2018 midterm elections, the experts attributed the attacks to Russia-linked APT28 group. Microsoft has spotted a new hacking campaign targeting 2018 midterm elections. The tech giant attributed to Russia-linked APT28 a series of cyber attacks aimed at Members of United States’ Senate, conservative organizations and think tanks. […]
The Russia-linked APT28 group targets Senator Claire McCaskill and her staff as they gear up for her 2018 re-election campaign. The Russian APT group tracked as Fancy Bear (aka APT28, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM), that operated under the Russian military agency GRU, continues to target US politicians. This time the target is Senator Claire McCaskill and her staff as […]
Microsoft helped the US Government is protecting at least three 2018 midterm election candidates from attacks of Russian cyberspies. Microsoft revealed that Russian cyberspies attempted to hack at least three 2018 midterm election candidates and it has helped the US government to repeal their attacks. A Microsoft executive speaking at the Aspen Security Forum revealed the hacking attempts against […]
Researchers from the Z-Lab at CSE Cybsec analyzed a new collection of malware allegedly part of a new espionage campaign conducted by the APT28 group. It was a long weekend for the researchers from the Z-Lab at CSE Cybsec that completed the analysis a number of payloads being part of a new cyber espionage campaign […]
Ukraine ‘s SBU Security Service reportedly stopped VPNFilter attack at chlorine station, the malware infected the network equipment in the facility that supplies water treatment and sewage plants. According to the Interfax-Ukraine media outlet, the VPNFilter hit the LLC Aulska station in Auly (Dnipropetrovsk region), according to the experts the malware aimed at disrupting operations at the chlorine station. […]
Experts from security firms GreyNoise Intelligence and JASK believe that the threat actor behind the VPNFilter is now attempting to resume the botnet with a new wave of infections. A week ago security experts and law enforcement bodies reported the existence of a huge Russia-linked botnet tracked as VPNFilter. The botnet infected over 500,000 routers and […]
Researchers and the FBI are working together to take down the dreaded VPNFilter botnet composed of hundreds of thousands of compromised devices. For several months, there have been rumors and vague warnings about highly skilled adversaries targeting critical infrastructure. Last week we learned some details about the warning, why you might be impacted and how […]