cyber espionage

Pierluigi Paganini July 18, 2018
QUASAR, SOBAKEN AND VERMIN RATs involved in espionage campaign on Ukraine

Security experts from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions and involving three different RATs, including the custom-made VERMIN. Security researchers from ESET uncovered an ongoing cyber espionage campaign aimed at Ukrainian government institutions, attackers used at least three different remote access Trojans (RATs). The campaign was first spotted in January by […]

Pierluigi Paganini July 17, 2018
Trump – Putin meeting: “I don’t see any reason” for Russia to interfere with the US presidential election

Russian President Vladimir Putin ‘just said it’s not Russia,’ and President Trump believes him. Today the controversial meeting between Russian President Vladimir Putin and US President Donald Trump was held in Helsinki, but as expected Russian President denied any interference with the 2016 US election. After the meeting, Putin and Trump made a joint news conference and […]

Pierluigi Paganini July 13, 2018
Mobile Malware Campaign targets users in India through rogue MDM service

Talos Team have uncovered a “highly targeted” campaign leveraging a mobile malware distributed through a bogus MDM service Security experts from Talos Team have uncovered a “highly targeted” campaign leveraging a mobile malware that has been active at least since August 2015. The researchers believe that cyberspies are operating from China and they found spying […]

Pierluigi Paganini July 12, 2018
China-based TEMP.Periscope APT targets Cambodia’s elections

FireEye uncovered a large-scale Chinese phishing and hacking campaign powered by Temp.periscope APT aimed at Cambodia’s elections. Security researchers at FireEye have uncovered a large-scale Chinese phishing and hacking campaign aimed at Cambodia’s elections. The hackers distributed a remote access trojan (RAT) and data exfiltration operation targeting the poll. The experts from FireEye attributed the attacks to an APT group tracked […]

Pierluigi Paganini July 06, 2018
Hamas cyber-operatives lure Israeli soldiers to spyware hidden in tainted apps

Israeli military intelligence accused Hamas operatives of creating tainted apps to lure soldiers into downloading spyware onto their phones. According to a report published by the Israeli military, Hamas hackers are attempting to lure Israel Defence Forces (IDF) soldiers into installing tainted apps on their devices. Israeli military already blamed Hamas of similar attacks, but this […]

Pierluigi Paganini June 27, 2018
Recently discovered RANCOR cyber espionage group behind attacks in South East Asia

Security researchers at Palo Alto Networks have uncovered a new cyber espionage group tracked as RANCOR that has been targeting entities in South East Asia. According to the experts, the RANCOR APT group has been targeting political entities in Singapore, Cambodia, and Thailand, and likely in other countries, using two previously unknown strain of malware. The two […]

Pierluigi Paganini June 25, 2018
China Tick APT group targeting air-gapped systems in Asia

Palo Alto Networks experts uncovered a new operation conducted by the cyber espionage group known as Tick APT that has been targeting a secure USB drive built by a South Korean defense company.  The Tick APT group has been active for at least a decade, tracked also as Bronze Butler, it was first spotted in 2016 by […]

Pierluigi Paganini June 18, 2018
China-Linked APT15 is still very active, experts found its new malware tracked as ‘MirageFox’

Following the recent hack of a US Navy contractor security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing the code from one of the tool he used in past […]

Pierluigi Paganini June 16, 2018
Singapore was hit by an unprecedented number of attacks during the Trump-Kim Summit

Researchers observed a spike in the number of cyber-attacks targeting Singapore during the Trump-Kim Summit, from June 11 to June 12. Researchers at F5 Labs have observed a spike in the number of cyber-attacks targeting Singapore from June 11 to June 12, in the wake of the meeting between U.S. President Donald Trump and North Korean President Kim Jong-un in […]

Pierluigi Paganini June 15, 2018
A new MuddyWater Campaign spreads Powershell-based PRB-Backdoor

Trend Micro spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater APT. Security experts at Trend Micro have spotted a new attack relying on weaponized Word documents and PowerShell scripts that appears related to the MuddyWater cyber-espionage campaign. The first MuddyWater campaign was observed in late 2017, then researchers from […]