APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims

The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, Read More …

Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks

Cybercriminals posing as the Russian APT group Fancy Bear have been launching DDoS attacks against companies in the financial sector and demanding ransom payments, according to a new report. The large-scale, multi-vector DDoS attacks come with accompanying ransom letter. They Read More …

US Treasury sanctions three North Korean hacking groups

The US Department of the Treasury imposed sanctions today on three North Korean state-controlled hacking groups, which US authorities claim to have helped the Pyongyang regime raise funds for its weapons and missile programs. US officials cited three hacking groups Read More …

Iranian hackers resume credential-stealing phishing attacks against universities around the world

An Iranian hacking operation has expanded a global phishing campaign that targets universities in an attempt to steal usernames and passwords. Dubbed Colbalt Dickens, the campaign was initially detailed in August last year, with researchers at Secureworks blaming cyberattacks targeting universities in 14 Read More …

Russian Hacking Group Targeting Banks Worldwide With Evolving Tactics

Silence APT, a Russian-speaking cybercriminal group, known for targeting financial organizations primarily in former Soviet states and neighboring countries is now aggressively targeting banks in more than 30 countries across America, Europe, Africa, and Asia. Active since at least September Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

A cyber-espionage group has been stealing files from the Venezuelan military

A cyber-espionage group known as “Machete” has been observed stealing sensitive files from the Venezuelan military, according to an ESET report published today. The group, known to have been active since 2010, has historically gone after a wide range of Read More …

Nation-State APTs Target U.S. Utilities With Dangerous Malware

Researchers believe that nation-state actors are behind several spearphishing campaigns targeting U.S. utility companies with a newly-identified malware, which has the capabilities to view system data and reboot machines. Lure emails were sent to three U.S. utilities companies between July Read More …

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas. XENOTIME, the APT group behind the TRISIS industrial control system (ICS) event, has expanded its focus beyond the oil and gas industries, Read More …

Project TajMahal – a sophisticated new APT framework

TajMahal’ is a previously unknown and technically sophisticated APT framework discovered by Kaspersky Lab in the autumn of 2018. This full-blown spying framework consists of two packages named ‘Tokyo’ and ‘Yokohama’. It includes backdoors, loaders, orchestrators, C2 communicators, audio recorders, Read More …