state-sponsored hacking

Pierluigi Paganini October 14, 2015
Espionage campaign relying on the Zeus Trojan targets the Israeli Public Sector

Check Point discovered a series of malware-based attacks on Israeli public sector organizations that were infected by the Zeus Trojan via RTF files. Security experts at Check Point have detected a series of attacks on high-profile companies, victims were targeted by a malicious spam campaign that relies on bogus RTF file. The campaign targeted several individuals […]

Pierluigi Paganini September 24, 2015
OPM stolen data includes 5.6 Million Fingerprints

According to the a statement by OPM Press Secretary Sam Schumach on Background Investigations Incident OPM breach included 5.6 Million Fingerprints. The press secretary of the Office of Personnel Management, Sam Schumach, announced that the data breach suffered by the OPM exposed approximately 5.6 million sets of fingerprints belonging to federal employees, contractors, and other members of the staff. In […]

Pierluigi Paganini September 17, 2015
The DUKES APT – 7 years of Russian state sponsored hacking

F-Secure has published an interesting report on the cyber espionage operations conducted by the Dukes APT group, which appears linked to the Kremlin. Security researchers at F-Secure have published an interesting report detailing the cyber espionage operation of a Russian APT group, dubbed the Dukes, the experts speculate the group is backed by the Russian government. […]

Pierluigi Paganini September 02, 2015
US weighs sanctioning China and Russia in response to recent cyber attacks

The Obama administration weighs sanctioning China and Russia in response to recent cyber attacks who have exposed sensitive data of the US Govt and US firms. The US Government is considering sanctions against both Russian and Chinese hackers in response to the hacking campaign targeting US entities. The news was reported by several U.S. officials yesterday who […]

Pierluigi Paganini July 30, 2015
A part of an unclassified Pentagon email network taken down over suspicious activity

Part of a Pentagon email network taken down over suspicious activity, the US authorities are investigating on the alleged intrusion. New problems for the White House emerges from the cyberspace, a portion of the Department of Defence’s email network has been taken down over suspicious activity. According to Pentagon spokeswoman, the unclassified email network used by […]

Pierluigi Paganini May 26, 2015
Iran has foiled a cyber attack against the oil ministry

Iran – The Cyber Attacks Emergency Center in FATA has thwarted a major cyber attack  originated from US against the Oil Ministry. The Iranian Government announced that on Tuesday it had foiled a cyber-attack on the Islamic republic’s Oil Ministry. According to the Fars news agency, the Brigadier General Kamal Hadianfar, head of the cyber police, confirmed […]

Pierluigi Paganini May 19, 2015
The Naikon APT, one of the most active APTs in Asia

Experts at Kaspersky Lab published an interesting report on the activities of the Naikon APT revealing details on their infrastructures and TTPs. Naikon  is one of the Asian largest APT gangs which has been active for several years, its operations targeted entities in various industries including governments and the military. The hacking crew targeted diplomats, law enforcement, and aviation […]

Pierluigi Paganini May 14, 2015
APT28 hacking crew plans attacks on financial institutions

According to a report published by the experts at root9B the hacking crew APT28 is planning to attack several financial institutions worldwide. In October 2014, security expert at FireEye published a report on the activities conducted by a group of Russian hackers, dubbed APT28, the hacking crew is behind long-running cyber espionage campaigns that targeted US defense contractors, European security organizations and […]

Pierluigi Paganini July 22, 2014
Gyges, the mixing of commercial malware with cyber weapon code

Sentinel Labs firm discovered a sophisticated malware dubbed Gyges that is the mixing of commercial malicious code with code of alleged cyber weapon. Experts at Sentinel Labs security firm have discovered Gyges malware in the wild in March 2014, the malicious code appears very sophisticated to the researches which attributed it to a state-sponsored project. The level of complexity […]

Pierluigi Paganini July 20, 2014
Discovered a new Havex variant which hit SCADA via OPC

Researchers at FireEye have detected a new variant of Havex RAT, which scans SCADA network via Object linking and embedding for Process Control (OPC). Security experts at F-Secure and Symantec have recently announced a surge of malicious campaigns based on “Havex” malware against critical infrastructure. The bad actors behind the Havex campaign mainly targeted companies in the energy […]