US Treasury sanctions three North Korean hacking groups

The US Department of the Treasury imposed sanctions today on three North Korean state-controlled hacking groups, which US authorities claim have helped the Pyongyang regime raise funds for its weapons and missile programs. US officials cited three hacking groups Read More …

Iranian hackers resume credential-stealing phishing attacks against universities around the world

An Iranian hacking operation has expanded a global phishing campaign that targets universities in an attempt to steal usernames and passwords. Dubbed Cobalt Dickens, the campaign was initially detailed in August last year, with researchers at Secureworks blaming cyberattacks targeting universities in 14 Read More …

Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics

Silence APT, a Russian-speaking cybercriminal group known for targeting financial organizations primarily in former Soviet states and neighboring countries, is now aggressively targeting banks in more than 30 countries across America, Europe, Africa, and Asia. Active since at least September Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

A cyber-espionage group has been stealing files from the Venezuelan military

A cyber-espionage group known as “Machete” has been observed stealing sensitive files from the Venezuelan military, according to an ESET report published today. The group, known to have been active since 2010, has historically gone after a wide range of Read More …

Nation-State APTs Target U.S. Utilities With Dangerous Malware

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July Read More …

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas. XENOTIME, the APT group behind the TRISIS industrial control system (ICS) event, has expanded its focus beyond the oil and gas industries, Read More …

Project TajMahal – a sophisticated new APT framework

‘TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab in the autumn of 2018. This full-blown spying framework consists of two packages named ‘Tokyo’ and ‘Yokohama’. It includes backdoors, loaders, orchestrators, C2 communicators, audio recorders, Read More …

4 Stuxnet-Related APTs Form Gossip Girl, an ‘Apex Threat Actor’

The infamous Stuxnet family of industrial sabotage malware is likely the work of a mysterious “supra-group” that Chronicle researchers Juan Andres Guerrero Saad and Silas Cutler have dubbed Gossip Girl; and it’s a group that turns out to be larger Read More …

Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.

Although heavily focused on the Middle East, Elfin (aka APT33) has also targeted a range of organizations in the U.S. including a number of major corporations. The Elfin espionage group (aka APT33) has remained highly active over the past three Read More …