cyber espionage

Pierluigi Paganini March 10, 2018
North Korean Hidden Cobra APT targets Turkish financial industry with new Bankshot malware

McAfee Advanced Threat Research team discovered that the Hidden Cobra APT group is targeting financial organizations in Turkey. North Korea-linked APT group Hidden Cobra (aka Lazarus Group) is targeting the Turkish financial system. Experts from McAfee observed the hackers using the Bankshot implant in targeted attacks against the financial organizations in Turkey. The attack resembles previous attacks conducted […]

Pierluigi Paganini March 08, 2018
Leaked NSA dump contains tools developed by NSA Territorial Dispute to track state-sponsored hackers

A specific NSA unit, dubbed NSA Territorial Dispute (TeDi) developed these scripts to monitor activities of nation-state actors. Security experts at CrySyS Lab and Ukatemi have revealed that the NSA dump leaked one year ago by the Shadow Brokers hacker group also contains a collection of scripts and scanning tools the NSA uses to track operations of foreign state-sponsored […]

Pierluigi Paganini March 01, 2018
DPA Report: Russia-linked APT28 group hacked Germany’s government network

Germany Government confirmed that hackers had breached its computer network and implanted a malware that was undetected for one year. German news agency DPA reported that Russian hackers belonging to the APT28 group (aka Fancy Bear, Pawn Storm, Sednit, Sofacy, and Strontium) have breached Germany’s foreign and interior ministries’ online networks. The agency, quoting unnamed security sources, revealed that the […]

Pierluigi Paganini February 21, 2018
Russia-linked Sofacy APT group shift focus from NATO members to towards the Middle East and Central Asia

Experts from Kaspersky highlighted a shift focus in the Sofacy APT group’s interest, from NATO member countries and Ukraine to towards the Middle East and Central Asia. The Russia-linked APT28 group (aka Pawn Storm, Fancy Bear, Sofacy, Sednit, Tsar Team and Strontium.) made the headlines again, this time security experts from Kaspersky highlighted a shift focus in their interest, from NATO member […]

Pierluigi Paganini February 21, 2018
North Korean APT Group tracked as APT37 broadens its horizons

Researchers at FireEye speculate that the APT group tracked as APT37 (aka Reaper, Group123, ScarCruft) operated on behalf of the North Korean government. Here we are to speak about a nation-state actor dubbed APT37 (aka Reaper, Group123, ScarCruft) that is believed to be operating on behalf of the North Korean government. APT37 has been active since at least […]

Pierluigi Paganini February 12, 2018
CSE CybSec ZLAB Malware Analysis Report: Dark Caracal and the Pallas malware family

Researchers from CSE ZLAB malware Analysis Laboratory analyzed a set of samples of the Pallas malware family used by the Dark Caracal APT in its hacking operations. The malware researchers from ZLab analyzed a collection of samples related to a new APT tracked as Dark Caracal, which was discovered by Electronic Frontier Foundation in collaboration […]

Pierluigi Paganini February 02, 2018
Chinese Iron Tiger APT is back, a close look at the Operation PZChao

Chinese Iron Tiger APT is back, the new campaign, dubbed by Operation PZChao is targeting government, technology, education, and telecommunications organizations in Asia and the US. Malware researchers from Bitdefender have discovered and monitored for several months the activity of a custom-built backdoor capable of password-stealing, bitcoin-mining, and of course to gain full control of the […]

Pierluigi Paganini January 26, 2018
The Dutch intelligence service AIVD ‘hacked’ Russian Cozy Bear systems for years

Spying on spies – The hackers from the Dutch intelligence service AIVD ‘compromised’ for years the network of the Russian APT Cozy Bear. It’s not a mystery, technology firms that intend to work with Russia need to allow the Government experts to scan their code for backdoors and vulnerabilities. The problem is that this software […]

Pierluigi Paganini January 19, 2018
Dark Caracal APT – Lebanese intelligence is spying on targets for years

A new long-running player emerged in the cyber arena, it is the Dark Caracal APT, a hacking crew associated with to the Lebanese General Directorate of General Security that already conducted many stealth hacking campaigns. Cyber spies belonging to Lebanese General Directorate of General Security are behind a number of stealth hacking campaigns that in […]

Pierluigi Paganini January 16, 2018
Powerful Skygofree spyware was reported in November by Lukas Stefanko and first analyzed by CSE CybSec

The Skygofree spyware analyzed by Kaspersky today was first spotted by the researcher Lukas Stefanko and the first analysis was published last year by the CSE Cybsec ZLab. Security researchers at Kaspersky Lab have made the headlines because they have spotted a new strain of a powerful Android spyware, dubbed Skygofree, that was used to gain full control […]