Darkhotel

Pierluigi Paganini May 14, 2020
New Ramsay malware allows exfiltrating files from air-gapped computers

Experts discovered a new strain of malware dubbed Ramsay that can infect air-gapped computers and steal sensitive data, including Word, PDF, and ZIP files. Researchers from security firm ESET discovered a new advanced malware framework named Ramsay that appears to have been designed to infect air-gapped computers and exfiltrate sensitive data. The malicious code collects […]

Pierluigi Paganini April 06, 2020
DarkHotel APT uses VPN zero-day in attacks on Chinese government agencies

DarkHotel nation-state actor is exploiting a VPN zero-day to breach Chinese government agencies in Beijing and Shanghai Chinese security-firm Qihoo 360 has uncovered a hacking campaign conducted by a DarkHotel APT group (APT-C-06) aimed at Chinese government agencies in Beijing and Shanghai. State-sponsored hackers used a zero-day vulnerability in Sangfor SSL VPN servers to gain access […]

Pierluigi Paganini February 12, 2020
Microsoft Patch Tuesday updates for February 2020 fix IE 0day flaw

Microsoft February 2020 Patch Tuesday updates address a total of 99 new vulnerabilities, including an Internet Explorer zero-day exploited in the wild. Microsoft has released the Patch Tuesday updates for February 2020 that address a total of 99 vulnerabilities, including an Internet Explorer zero-day tracked as CVE-2020-0674 reportedly exploited by the APT group. In January, Microsoft has […]

Pierluigi Paganini August 11, 2017
APT28 hackers are leveraging NSA Hacking tool to spy on Hotels guests

According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries. According to FireEye, the notorious Russia-linked APT28 group (Pawn Storm, Fancy Bear, Sofacy, Sednit and Strontium) is behind an ongoing campaign targeting hotels in several European countries. The researchers observed many attacks targeting the networks of hotels […]

Pierluigi Paganini February 16, 2016
APT Groups don’t go under the grid after a successful attack!

What happened to some of the APT groups behind clamorous cyber attacks? Why they don’t go dark anymore after being outed, a behavior completely different from the past. I’m sure everyone remembers the Sony attack occurred in 2014, when the US Government blamed the North Korean Government for the attack, materially executed by a hacking […]

Pierluigi Paganini March 27, 2015
Hotel ANTLabs InnGate Internet Gateways vulnerable against remote exploit

The presence of a vulnerability in the ANTLabs InnGate devices used in hotels and conference centers exposes users to risk of remote exploit. Recently the security firm Cylance has discovered a vulnerability (CVE-2015-0932) affecting the ANTLabs InnGate devices that are popular Internet gateway for visitor-based networks like the one we find in hotels and convention centers. The exploitation […]

Pierluigi Paganini November 10, 2014
Darkhotel – Cybercrime crew targets execs using hotel Internet

Kaspersky revealed that a crew of criminals dubbed Darkhotel targets executives traveling across Asia through hotel internet networks. Security experts at Kaspersky Lab uncovered the Darkhotel espionage campaign, which is ongoing for at least four years while targeting selected corporate executives traveling abroad. According to the experts, threat actors behind the Darkhotel campaign aim to steal sensitive data from executives while […]