Pierluigi Paganini
May 09, 2017
#MacronLeaks – Experts discovered evidence suggesting Russian threat actors behind the hack of French presidential candidate Macron. Who are the hackers that attempted to subvert the final vote of French Presidential Election by targeting the Macron’s campaign? Hackers leaked a 9GB batch of internal documents through the Magnet file-sharing service. The Macron data leakage has happened while […]
Pierluigi Paganini
May 06, 2017
The campaign of the Presidential candidate Emmanuel Macron has been targeted once again by hackers that leaked a 9GB dump of stolen data from its staff. Information warfare and politics are even more strictly correlated. It has happened again, after the DNC hack, hackers have targeted also French presidential elections. The target of the hackers […]
Pierluigi Paganini
April 27, 2017
Security experts from security firm Redsocks published an interesting report on how to crack APT28 traffic in a few seconds. Introduction APT28 is a hacking group involved in many recent cyber incidents. The most recent attack allegedly attributed to this group is the one to French presidential candidate Emmanuel Macron’s campaign. Incident response to this Advanced […]
Pierluigi Paganini
April 25, 2017
The campaign of the French Presidential candidate Emmanuel Macron has been targeted by the notorious cyber espionage APT28 group. Yesterday the Danish Government officially accused the dreaded APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) of cyber attacks against Defense Ministry’s email accounts, now DNC hackers are suspected to have targeted also the French presidential […]
Pierluigi Paganini
April 24, 2017
Denmark on Monday denounced Russia after the publication of a report that accused Russian APT28 of hacking the defense ministry’s email accounts. Today the Danish Government officially blamed Russia for cyber attacks against its Defense Ministry. Denmark denounced a cyber intrusion in several Defense Ministry’s email accounts. The accusation comes after the publishing by the Centre for Cyber […]
Pierluigi Paganini
March 27, 2017
According to a German top official, Germany warded off two cyber attacks launched by the Russian state actor APT28 group in 2016. On Friday, a top German official told Reuters that last year Germany warded off two cyber attacks launched by the Russian APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) According to Arne Schoenbohm, president of […]
Pierluigi Paganini
February 16, 2017
Lorenzo Bicchierai from MotherBoard shared an interesting private report about Russian cyber espionage operations conducted by APT28, the document was leaked online by Google. The report dating 2014 includes information collected by Google on the hacking activities conducted by its hackers. In October 2014, the security experts at FireEye linked cyber attacks against a number of […]
Pierluigi Paganini
December 31, 2016
A FBI-DHS JAR report released implicated Russian hacking group APT28 and APT29 in attacks against 2016 Presidential Election. The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) published on Thursday a Joint Analysis Report(JAR) that provides information about the tools, infrastructure and TTPs used by the Russian civilian and military intelligence […]
Pierluigi Paganini
November 13, 2016
The Pawn Storm APT group exploited some zero-days vulnerabilities in targeted attacks across the world before they get patched. The Pawn Storm APT group, also known as APT28 and Fancy Bear, exploited some zero-days flaw in targeted attacks before they get patched. The threat actors powered spear phishing attacks between the discovery of the zero-days […]
Pierluigi Paganini
November 02, 2016
Executive vice president of Microsoft’s Windows and Devices group revealed that Windows Kernel zero-day recently disclosed was used by the Fancy Bear APT. On Oct. 31, the Google Threat Analysis Group publicly disclosed a vulnerability in the Windows kernel that is actively being exploited by threat actors in the wild. The zero-day could be exploited […]
