Pierluigi Paganini
June 01, 2019
The Russian army seems to be in the process of replacing the Windows system with the Debian-based Linux distribution Astra Linux. Cyber security seems to subvert the globalization concept, governments are working to develop their own technology fearing possible espionage and sabotage activities of foreign states. The Russian military is in the process of replacing […]
Pierluigi Paganini
May 23, 2019
UK Government has provided to 16 NATO allies evidence of malicious Russia ‘s cyber activity in their countries over the last 18 months. According to the foreign minister Jeremy Hunt, the UK Government has provided to 16 NATO allies evidence of cyber attacks carried out by Russia against their countries over the last 18 months. […]
Pierluigi Paganini
April 23, 2019
Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal for two years, but it was not noticed before. The Carbanak gang (aka FIN7, Anunak or Cobalt) stole over […]
Pierluigi Paganini
April 18, 2019
In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction The uncertain attribution of the Ukrainian themed malicious document discussed in our past article “APT28 and Upcoming Elections: Possible Interference Signals”, led us to a review of Sofacy’s phishing techniques to confirm or […]
Pierluigi Paganini
April 18, 2019
Russian financially motivated threat actor TA505 used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. Security experts at CyberInt uncovered a new campaign of a Russian financially motivated threat actor tracked as TA505. The hackers used remote access Trojans (RATs) in attacks aimed at financial entities in the […]
Pierluigi Paganini
April 12, 2019
In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This file was uncommon, it seemed carefully prepared and was speaking about who is leading in the elections […]
Pierluigi Paganini
February 27, 2019
The U.S. Cyber Command blocked the Internet access to the Russian troll factory while it was attempting to interfere with 2018 midterm. According to the Washington Post, that cites several U.S. officials, the operation conducted by the U.S. Cyber Command hit the Internet Research Agency in St. Petersburg, the company used by the Russian Government […]
Pierluigi Paganini
February 20, 2019
Microsoft says Russian APT28 group carried out multiple cyberattacks on democratic institutions in Europe between September and December 2018. Microsoft revealed that hackers belonging to the cyber espionage group APT28 (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) launched several attacks on democratic institutions in Europe between September and December 2018. The tech giant revealed that 104 accounts belonging […]
Pierluigi Paganini
February 20, 2019
Security researchers at Check Point have uncovered a cyber espionage campaign conducted by Lazarus APT group aimed at Russian targets. Security experts at Check Point have uncovered a cyber espionage campaign carried out by Lazarus aimed at Russian targets, If the attribution is correct, this is the first time that North Korean cyber spies were […]
Pierluigi Paganini
February 16, 2019
Russia plans to disconnect the country from the internet as part of an experiment aimed at testing the response to cyber attacks that should isolate it. Russia plans to disconnect the country from the Internet for a limited period of time to conduct a test aimed at assessing the security of its infrastructure. Russian citizens […]
