Security researchers at Yoroi-Cybaze ZLab uncovered a new campaign carried out by the Russian state-actor dubbed Gamaredon. Introduction Few days after the publication of our technical article related to the evidence of possible APT28 interference...
Iran-linked OilRig cyberespionage group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns.Iran-linked OilRig cyberespione group is using the reconnaissance malware Karkoff along with DNSpionage in recent campaigns. The...
Experts at Kaspersky Lab linked the recent supply-chain attack targeted ASUS users to the "ShadowPad" threat actor and the CCleaner incident. Security researchers at Kaspersky Lab linked the recent supply-chain attack that hit ASUS users (tracked...
Cybersecurity researchers from FireEye revealed that the Carbanak source code has been available on VirusTotal for two years, and none noticed it before. Researchers at FireEye discovered that the Carbanak source code has been available on VirusTotal...
Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks implemented by APT34 (aka OilRig and HelixKitten). Thanks to the leaked source code it is now possible to check APT34...
Palo Alto Networks Unit 42 researchers uncovered a malicious campaign targeting entities in North America, Europe, Asia, and the Middle East with RevengeRAT. The campaign was carried out during March, threat actors tracked as Aggah" used pages hosted...
A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition Paper Copy Once again thank you! Attackers hacked support agent to access Microsoft Outlook email accounts ...
Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan have disclosed details about operations conducted by the Iran-linked...
Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. Security researchers at Palo Alto Networks reported that Iran-linked APT group OilRig is heavily leveraging on DNS tunneling...
In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction The uncertain attribution of the Ukrainian themed malicious document discussed in our past...