APT

Pierluigi Paganini September 14, 2018
Iran-Linked OilRig APT group targets high-ranking office in a Middle Eastern nation

Researchers from the Unit42 at Palo Alto Networks observed Iran-Linked OilRig APT group targeting high-ranking office in a Middle Eastern nation The Iran-linked APT group OilRig continues to very active, it continues to improve the weapons in its arsenal. The OilRig hacker group has been around since at least 2015, since then it targeted mainly organizations in the financial and government […]

Pierluigi Paganini September 10, 2018
Chinese LuckyMouse APT has been using a digitally signed network filtering driver in recent attacks

Security experts observed the LuckyMouse APT group using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. Security experts from Kaspersky have observed the LuckyMouse APT group (aka Emissary Panda, APT27 and Threat Group 3390) using a digitally signed 32- and 64-bit network filtering driver NDISProxy in recent attacks. The APT group […]

Pierluigi Paganini September 09, 2018
Domestic Kitten – An Iranian surveillance operation under the radar since 2016

CheckPoint uncovered an extensive surveillance operation conducted by Iranian APT actor and tracked as Domestic Kitten aimed at specific groups of individuals. Researchers at security firm CheckPoint uncovered an extensive surveillance operation conducted by Iranian APT actor and tracked as Domestic Kitten aimed at specific groups of individuals. Cyber spies used malicious mobile apps that […]

Pierluigi Paganini September 06, 2018
New OilRig APT campaign leverages a new variant of the OopsIE Trojan

The Iran-linked APT group OilRig was recently observed using a new variant of the OopsIE Trojan that implements news evasion capabilities. Experts at Palo Alto Networks observed a new campaign carried out by the Iran-linked APT group OilRig that was leveraging on a new variant of the OopsIE Trojan. The OilRig hacker group is an Iran-linked APT that has been […]

Pierluigi Paganini September 05, 2018
Group-IB UncoversAPT- attacks on Banks: The Sound of Silence

Researchers at security firm Group-IB have exposed the attacks carried out by the Silence cybercriminal group, providing details on its tactics and tools. Experts at security firm Group-IB have exposed the attacks committed by Silence cybercriminal group. While the gang had previously targeted Russian banks, Group-IB experts also have discovered evidence of the group’s activity in more than 25 countries worldwide. Group-IB […]

Pierluigi Paganini September 05, 2018
CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Researchers from security firm CrowdStrike have observed a new campaign associated with the GOBLIN PANDA APT group. Experts from security firm CrowdStrike have uncovered a new campaign associated with the GOBLIN PANDA APT group. The group also knows as Cycldek was first spotted in September 2013, it was mainly targeting entities in Southeast Asia using different malware variants mainly PlugX and […]

Pierluigi Paganini September 03, 2018
TrendMicro links Urpage hacking crew to other threat actors

Last week, security researchers from Trend Micro discovered a new threat actor, tracked as Urpage, that shares similarities with other three hacking crews. Researchers from Trend Micro linked a recently discovered actor, tracked as Urpage, to the hacking groups known as Bahamut, Confucius, and Patchwork. Trend Micro first connected the Confucius group to the Patchwork […]

Pierluigi Paganini August 28, 2018
Security firm attributes Cosmos Bank cyberheist to Lazarus APT

Security experts from Securonix have published a report that attributes the attack against on the Cosmos Bank to the Lazarus APT group. Cosmos Bank is one of the largest Indian cooperative banks, it was the victim of a cyberheist a couple of weeks ago when hackers stole over 940 million rupees ($13.5 million) in just three […]

Pierluigi Paganini August 24, 2018
North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack

North Korea-linked Lazarus APT group leveraged for the first time on a MacOS variant of the Fallchill malware in a cryptocurrency exchange attack. According to Kaspersky, the North Korea-linked Lazarus group used a macOS malware to target a cryptocurrency exchange in a recent attack. The activity of the Lazarus Group surged in 2014 and 2015, […]

Pierluigi Paganini August 19, 2018
China’s Belt and Road project (BRI) is a driver of regional cyber threat activity

Security experts have observed increasing cyber espionage activity related to China’s Belt and Road Initiative (BRI). The alarm was launched by the experts from cybersecurity firms FireEye and Recorded Future. China’s Belt and Road Initiative (BRI) is a development project for the building of an infrastructure connecting countries in Southeast Asia, Central Asia, the Middle East, Europe, […]