cyber espionage

Pierluigi Paganini October 16, 2017
Iranian hackers compromised the UK leader Theresa May’s email account along with other 9,000 emails

Iranian hackers compromised 9,000 UK emails in ‘brute force’ cyber attack that was initially attributed to Russian state-sponsored hackers. On June 23, around 9,000 email accounts, including those belonging to Theresa May and other Cabinet Ministers, were hacked in the 12-hour “sustained and determined” attack cyber attack. “According to intelligence officials, the cyberattack “bombarded parliamentary email […]

Pierluigi Paganini October 11, 2017
Israel hackers caught Russian cyber spies abusing Kaspersky AV to steal NSA secrets

Israeli hackers compromised the Kaspersky infrastructure and caught Russian spies using AV tool to harvest NSA exploits. Kaspersky was not aware of the hack. There is still a heated discussion about the alleged hack of Kaspersky’s antivirus and its use to steal an NSA exploit from a US subcontractor. Explosive new revelations put at risk […]

Pierluigi Paganini October 10, 2017
FormBook malware used in high-volume distribution campaigns targeting organizations in the US and South Korea

Crooks are spreading the FormBook malware to target aerospace firms, defense contractors and some manufacturing organizations in the US and South Korea. According to researchers at FireEye, FormBook was spotted in several high-volume distribution campaigns targeting aim at Aerospace, Defense Contractor, and Manufacturing industries. The phishing emails that targeted US entities contain PDF, DOC or […]

Pierluigi Paganini October 08, 2017
Forrester, one of the most influential research and advisory firms was hacked

Forrester Research announced today that Forrester.com experienced a security breach this week, attackers were ultimately detected and shut out of the system Forrester, one of the most influential research and advisory firms in the world, revealed on Friday to have suffered a security breach the past week. The attackers broke into the infrastructure hosting the Forrester.com […]

Pierluigi Paganini October 08, 2017
HPE allowed Russians review the code of ArcSight software also used by the Pentagon

HPE gave Russian gov access to review ArcSight software that is currently used by corporate and government entities worldwide, including the Pentagon. The recent news of the alleged hack of Kaspersky products to steal NSA exploit from the personal PC of a US contractor has put in the background another equally worrying news. Another tech giant has […]

Pierluigi Paganini October 06, 2017
Russian spies pilfered data from NSA Contractor’s home PC running a Kaspersky AV

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious code allowed cyber spies to exfiltrate classified code, […]

Pierluigi Paganini October 05, 2017
CSE CybSec ZLAB Malware Analysis Report: APT28 Hospitality malware

The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle […]

Pierluigi Paganini September 22, 2017
CCleaner hackers targeted tech giants with a second-stage malware

The threat actor that recently compromised the supply chain of the CCleaner software targeted at least 20 tech firms with a second-stage malware. The threat actor that recently compromised the supply chain of the CCleaner software to distribute a tainted version of the popular software targeted at least 20 major international technology firms with a […]

Pierluigi Paganini September 21, 2017
ISPs in at least two countries were involved in delivering surveillance FinFisher Spyware

Security researchers at ESET have uncovered a surveillance campaign using a new variant of FinFisher spyware, also known as FinSpy. Finfisher infected victims in seven countries and experts believe that in two of them the major internet providers have been involved. “New surveillance campaigns utilizing FinFisher, infamous spyware known also as FinSpy and sold to governments and their […]

Pierluigi Paganini September 21, 2017
Iranian cyber spies APT33 target aerospace and energy organizations

The Iran-linked APT33 group has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. According to security firm FireEye, a cyber espionage group linked to the Iranian Government, dubbed APT33, has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. The APT33 group has […]