Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. The name comes from the threat actor using PlugX inside ZIP archives containing […]
A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts […]
Security experts at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group aimed at political targets. Security researchers at ESET have uncovered a new campaign carried out by Russia-linked Fancy Bear APT group (i.e. APT28, Sednit, Sofacy, Zebrocy, and Strontium) aimed at political targets. In the recent attacks, the hackers […]
Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. Threat actors deployed the malware on ATM systems to steal payment card details of […]
Symantec spotted a new threat actor, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. Symantec researchers spotted a new threat group, tracked as TortoiseShell, that is compromising IT providers to target their specific customers. The group was first spotted in 2018, but experts speculate that it has been active for […]
Australia ‘s intelligence is sure that China is behind the cyberattacks that hit its parliament and political parties, but decided to not publicly accuse it. According to the Reuters agency, Australia’s intelligence has evidence that the attacks that hit its parliament and political parties were orchestrated by China. Anyway the Australian government decided to not […]
The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The groups are behind several hacking operations that resulted in the theft of hundreds of millions of dollars from financial institutions and cryptocurrency exchanges […]
A recently reported APT group dubbed Lyceum group targets Oil and Gas organizations in the Middle East with simple techniques. The activity of the Lyceum APT group was first documented earlier in August by researchers at ICS security firm Dragos that tracked it as Hexane. Security experts at Dragos Inc. reported that Hexane is targeting organizations […]
Security researcher Marco Ramilli presents a comparative analysis of attacks techniques adopted by the Iran-Linked OilRig APT group. Today Iâd like to share a comparative analysis of OilRig techniques mutation over time. In particular I will refer to great analyses made by Paloalto UNIT 42 plus my own ones (HERE, HERE, HERE, etc..) and more personal thoughts. I would define this group […]
Security experts from ESET uncovered a cyber-espionage group tracked as Machete that stole sensitive files from the Venezuelan military. Security experts from ESET reported that a cyberespionage group tracked as Machete has stolen sensitive files from the Venezuelan military. The group has been active since 2010 and hit military organizations and other high-profile targets worldwide. […]