watering hole

Pierluigi Paganini February 15, 2017
BitDefender found the first MAC OS version of the X-Agent used by the APT28

Security experts at Bitdefender discovered a MAC OS version of the X-Agent malware used by the Russian APT28 cyberespionage group. Security experts at BitDefender have discovered a MAC OS malware program that’s likely part of the arsenal of the dreaded Russian APT 28 group (aka Pawn Storm, Sednit, Sofacy, Fancy Bear and Tsar Team). The Russian nation-state actor was involved […]

Pierluigi Paganini December 10, 2016
APT 28 group is ramping up information warfare against Germany

According to the German Intelligence, the APT 28 group, also known as Fancy Bear, is ramping up information warfare against Germany and the rest of West. US intelligence agencies blame the Russian government for ramping up infowar against the US and the West. According to the US Government, Russian-state hackers hacked the Democratic National Committee (DNC) and other political organizations worldwide. […]

Pierluigi Paganini October 27, 2016
Hackers behind the BLACKGEAR espionage campaign now targets Japan

The threat actor behind the Blackgear cyber-espionage campaign that is targeting Japanese entities is the same that hit Taiwan in 2012. According to security experts from Trend Micro, Japanese organizations were targeted in an espionage campaign dubbed Blackgear. Attackers behind the Blackgear appear to be the same that targeted users in Taiwan in 2012, they used […]

Pierluigi Paganini October 11, 2016
StrongPity APT – Waterhole attacks against Italian and Belgian users

Kaspersky published a report on cyber espionage activities conducted by StrongPity APT that most targeted Italians and Belgians with watering holes attacks. Experts from Kaspersky Lab have published a detailed report on the cyber espionage activities conducted by the StrongPity APT. The group is very sophisticated, its operations leverage on watering holes attacks and malware to target users […]

Pierluigi Paganini May 13, 2016
Pawn Storm hackers hit the German Christian Democratic Union party

Researchers at Trend Micro discovered that Pawn Storm threat actor targeted the political party of Chancellor Angela Merkel, the Christian Democratic Union. Security experts follow a long time the operations of the Russian-linked Pawn Storm cyber spies, aka APT 28, Sednit, Sofacy, Fancy Bear and Tsar Team. In October 2014, security experts at Trend Micro spotted a cyber […]

Pierluigi Paganini March 06, 2016
Operation Transparent Tribe targets Indian diplomats and military

ProofPoint uncovered a new cyber espionage campaign dubbed Operation Transparent Tribe targeting Indian diplomatic and military entities. A new cyber espionage campaign dubbed Operation Transparent Tribe is targeting diplomats and military personnel in India. The researchers at Proofpoint who have uncovered the hacking campaign confirmed that threat actors used a number of hacking techniques to hit the […]

Pierluigi Paganini October 27, 2015
Duuzer, a data stealer Trojan targets South Korean organizations

Researchers at Symantec uncovered bad actors that have been using a backdoor Trojan dubbed Duuzer to target organizations in South Korea and elsewhere. According to Symantec, threat actors have been using a data stealer Trojan dubbed Duuzer to target organizations mainly located in South Korea. The bad actors conducted targeted attacks against organizations in the manufacturing […]

Pierluigi Paganini October 13, 2015
The rise of the Japanese Cybercrime Underground

Researchers at Trend Micro have issued a new report on the Japanese Cybercrime Underground, a growing criminal community with his characteristics. Cybercrime underground is a growing and prolific industry that knows no crisis as demonstrated by the numerous reports issued by principal security companies and law enforcement. In the past we have analyzed criminal most […]

Pierluigi Paganini August 06, 2015
The Panda Emissary APT specialized in defence aerospace projects

The Panda Emissary group extensively uses long-running strategic web compromises and relies on whitelists to syphon defence aerospace projects from victims. An alleged Chinese APT group dubbed Panda Emissary (also known as TG-3390) is targeting high-profile governments and organisations searching for defense aerospace projects. Researchers at Dell discovered that the Panda Emissary group used Watering hole […]

Pierluigi Paganini April 15, 2015
Dell report revealed attacks on SCADA system are doubled

A recent report published by Dell revealed a 100 percent increase in the number of attacks on industrial control (SCADA) systems. The new Dell Annual Threat Report revealed that the number of attacks against supervisory control and data acquisition (SCADA) systems doubled in 2014 respect the previous year. Unfortunately, the majority of incidents occurred in SCADA systems is […]