Experts from security firms GreyNoise Intelligence and JASK believe that the threat actor behind the VPNFilter is now attempting to resume the botnet with a new wave of infections. A week ago security experts and law enforcement bodies reported the existence of a huge Russia-linked botnet tracked as VPNFilter. The botnet infected over 500,000 routers and […]
The Department of Homeland Security (DHS) and the FBI issued a joint Technical alert on two strain on malware, the Joanap backdoor Trojan and Brambul Server Message Block worm, associated with the HIDDEN COBRA North Korea-linked APT group. The US-CERT alert reads: “Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators […]
Security experts from ESET observed the Turla APT group leveraging for the first time the Metasploit framework in the Mosquito campaign The Russia-linked Turla APT group continues its cyber espionage campaigns shifting towards more generic tools to remain under the radar. Turla is the name of a Russian cyber espionage APT group (also known as […]
Security experts from the industrial cybersecurity firm Dragos warn of a threat actor tracked as Allanite has been targeting business and industrial control networks at electric utilities in the United States and the United Kingdom. Dragos experts linked the campaigns conducted by the Dragonfly APT group and Dymalloy APT, aka Energetic Bear and Crouching Yeti, to a threat actors they […]
Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability tracked as CVE-2018-8174. Now the experts published a detailed analysis of the flaw. I Overview Recently, the Advanced Threat Response Team of 360 Core Security Division detected an APT attack exploiting a 0-day vulnerability and captured the worldâs […]
Microsoft has released the May 2018 Patch Tuesday that addresses more than 60 vulnerabilities, including two Windows zero-day flaws that can be exploited for remote code execution and privilege escalation. Microsoft May 2018 Patch Tuesday includes security patches for 67 vulnerabilities, including two zero-days that have already been exploited in the wild by threat actors. The […]
Security experts at 401TRG, the threat research and analysis team at ProtectWise, have discovered links between several Chinese APT groups under the Winnti umbrella. The experts analyzed several campaigns conducted by the cyber espionage groups over the last years and associated their activities with the Chinese Government, in one case the nation-state actor was working from the […]
Security researchers from Kaspersky Lab have uncovered a new cyber-espionage APT group tracked ZooPark that targeted entities in the Middle East during the past three years. ZooPark APT has been active at least since 2015 and has shown a growing level of sophistication across the years. “ZooPark is a cyberespionage operation that has been focusing on Middle […]
Kaspersky analyzed the serves compromised by the Energetic Bear APT and assumed with some degree of certainty that the group operates in the interests of or takes orders from customers that are external to it. Security experts at Kaspersky Lab ICS CERT have published a detailed analysis of the server compromised by the notorious Energetic […]
Security researchers at the 360 Core Security observed an APT group exploiting a zero-day vulnerability in IE, dubbed âdouble playâ. The flaw is still unfixed. Security researchers at the 360 Core Security uncovered a zero-day vulnerability in IE, dubbed âdouble playâ, that was triggered by weaponized MS Office documents. The experts have been observing an APT group targeting a […]