APT

Pierluigi Paganini October 10, 2017
FIN7 hacking group is switched to new techniques to evade detection

The financially-motivated FIN7 APT group (also known as Carbanak or Anunak) recently changed attack technique again to evade detection. The financially-motivated FIN7 APT group (also known as Carbanak or Anunak) recently changed attack technique again and has been implementing a new malware obfuscation method. The group that has been active since late 2015, it was highly active since the beginning of 2017. Fin7 was spotted early […]

Pierluigi Paganini October 01, 2017
60% of institutions in Saudi Arabia hit by malware-based attacks

According to Kaspersky Lab, sixty percent of institutions in Saudi Arabia have experienced malware-based attacks over the past 12 months. Malware continues to be one of the most dangerous threats for organizations worldwide, and data recently disclosed by security firms. According to Kaspersky Lab, Saudi Arabia is under a constant malware-based attack, the experts reported that […]

Pierluigi Paganini September 26, 2017
Even More Evidence That Russian Was Meddling in the 2016 US Election

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere with the 2016 US Election continues to pile up. Rumours started almost as soon as the 2016 US Election was completed, individuals with the White House have […]

Pierluigi Paganini September 22, 2017
CCleaner hackers targeted tech giants with a second-stage malware

The threat actor that recently compromised the supply chain of the CCleaner software targeted at least 20 tech firms with a second-stage malware. The threat actor that recently compromised the supply chain of the CCleaner software to distribute a tainted version of the popular software targeted at least 20 major international technology firms with a […]

Pierluigi Paganini August 28, 2017
Chinese APT17 group leverages fake Game of Thrones leaks as lures

Researchers at Proofpoint spotted a cyber espionage campaign leveraging recent Game of Thrones episode leaks and attribute it to Chinese APT17 group. Security researchers at Proofpoint have uncovered a cyber espionage campaign leveraging recent Game of Thrones episode leaks to trick victims into opening malicious documents sent via email. Experts have observed during the past week, the […]

Pierluigi Paganini August 14, 2017
North Korea-Linked Lazarus APT targets U.S. Defense contractors

The North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. According to Palo Alto Networks, the North Korea-linked Lazarus APT group as Lazarus is believed to be behind attacks targeting United States defense contractors. The activity of the Lazarus APT Group surged in 2014 and 2015, […]

Pierluigi Paganini July 24, 2017
Spring Dragon APT used more than 600 Malware samples in different attacks

The threat actor behind Spring Dragon APT has been developing and updating its wide range of tools throughout the years, new attacks reported in South Asia. According to a new report published by Kaspersky Lab, the China-linked APT group Spring Dragon (aka Lotus Blossom, Elise, and Esile) has used more than 600 malware samples in […]

Pierluigi Paganini July 21, 2017
Microsoft sued Fancy Bear to gain control of the domains used in the cyber espionage campaigns

Microsoft used the lawsuit to disrupt a large number of cyber espionage campaigns conducted by infamous Fancy Bear APT hacking group We have discussed several times about hacking back and the case we are going to analyze is a good example of an alternative approach to hit back an APT group. Microsoft used the lawsuit […]

Pierluigi Paganini July 10, 2017
FBI and DHS warn of targeted attacks on US Nuclear Facilities

Since May, APT actors have been penetrating the networks of US companies that operate nuclear facilities and that works in the energy industry. According to a joint report issued by the Department of Homeland Security and the FBI published last week, since May, hackers have been penetrating the networks of businesses that operate nuclear power stations, manufacturing […]

Pierluigi Paganini June 18, 2017
Kasperagent malware used in a new campaign leveraging Palestine-Themed decoy files

Researchers uncovered a new cyber espionage campaign involving the Kasperagent spyware delivered with Palestine-Themed decoy files. In March, experts at security firm Qihoo 360 have spotted a cyber espionage campaign conducted by a threat actor tracked as APT-C-23 and Two-Tailed Scorpion. A few weeks later, in April, researchers at Palo Alto Networks and ClearSky also shared the […]