nation-state hackers

Pierluigi Paganini November 13, 2016
Pawn Storm APT conducted spear-phishing attacks before zero-days was fixed

The Pawn Storm APT group exploited some zero-days vulnerabilities in targeted attacks across the world before they get patched. The Pawn Storm APT group, also known as APT28 and Fancy Bear, exploited some zero-days flaw in targeted attacks before they get patched. The threat actors powered spear phishing attacks between the discovery of the zero-days […]

Pierluigi Paganini November 01, 2016
Philip Hammond invokes an active defence of UK hacking back the attackers

The British Government announces an active defence posture in response to nation-state cyber attacks, Chancellor warns UK will retaliate against attacks. Hacking back, or “active defence” as security experts prefer to call it, is becoming a high debated argument. While the number of cyber attacks continues to increase and attackers are using even more sophisticated techniques, many Governments […]

Pierluigi Paganini April 22, 2016
Asian Nation-State hackers use fileless RAT for their hacking campaign

State-sponsored actors in Asia have been leveraging fileless RAT for their hacking campaigns in order to avoid the detection. Security experts from SentinelOne spotted nation-state actors in Asia running espionage campaigns relying on fileless Remote Access Trojan. The state-sponsored hackers were injecting the RAT payload directly into the memory of the target host in order to […]

Pierluigi Paganini April 19, 2016
The Four Element Sword, weaponized document builder used in APT Attacks

Experts analyzed a dozen attacks that leveraged on malicious RTF documents created using the same Four Element Sword builder. Security experts at Arbor Networks’ Security Engineering and Response Team (ASERT) have spotted a tool used in advanced persistent threat (APT) attacks against organizations in East Asia. The researchers have analyzed a dozen attacks that leveraged on malicious Rich […]

Pierluigi Paganini April 13, 2016
Is there electronic warfare behind the block of Swedish air traffic control systems?

Swedish experts warned of an electronic warfare attack on its air traffic control systems occurred in November. Is it electronic warfare? Swedish experts suspect that the attack on its air traffic control systems last November was operated by Russian nation-state hackers, the Arlanda, Landvetter and Bromma airport reported the major problems. The Swedish experts believe the cyber attacks were […]

Pierluigi Paganini February 16, 2016
APT Groups don’t go under the grid after a successful attack!

What happened to some of the APT groups behind clamorous cyber attacks? Why they don’t go dark anymore after being outed, a behavior completely different from the past. I’m sure everyone remembers the Sony attack occurred in 2014, when the US Government blamed the North Korean Government for the attack, materially executed by a hacking […]

Pierluigi Paganini February 10, 2016
SAP fixed a flaw in xMII that could open the door to nation-state hackers

SAP fixed a vulnerability affecting SAP MII can be used as a starting point of multi-stage attacks aiming to get control over plant devices and manufacturing systems. SAP fixed a critical vulnerability in its application that could be exploited by hackers, especially nation-state actors, to compromise industrial manufacturing software. SAP issued a critical software update that […]