Collaborate Disseminate
Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says. Continue reading Nation-State Attackers Actively Target COVID-19 Vaccine-Makers
The Russia-linked threat group is harvesting credentials for Microsoft’s cloud offering, and targeting mainly election-related organizations. Continue reading APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q3 2019. Continue reading APT trends report Q3 2019
Targeted attacks, malware campaigns and other security news in Q2 2019. Continue reading IT threat evolution Q2 2019
The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q2 2019. Continue reading APT trends report Q2 2019
The Russian-speaking APT acts as a support group for high-profile APTs like Sofacy and BlackEnergy. Continue reading Zebrocy: A Russian APT Specializing in Victim Profiling, Access
Zebrocy is Russian speaking APT that presents a strange set of stripes. Essentially, at our SAS2019 presentation, we publicly provided original insights on Zebrocy and their characteristics for the first time, based on five years of research and private reports on this group. Continue reading Zebrocy’s Multilanguage Malware Salad
Zebrocy and GreyEnergy, four zero-day vulnerabilities in Windows, attacks on cryptocurrency exchanges, a very old bug in WinRAR, attacks on smart devices and other events of the first quarter of 2019. Continue reading IT threat evolution Q1 2019
The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop. Researchers from Kaspersky Lab and ZoneAlarm, a software security company run by Check Point Technologies, tell CyberScoop they have linked the malware with APT28, the same hacking group that breached the Democratic National Committee during the 2016 election cycle. A variant of the malware is being used in ongoing attacks, hitting targets as recently this month. The targets include Central Asian nations, as well as diplomatic and foreign affairs organizations, Kaspersky Lab’s principal security researcher Kurt Baumgartner tells CyberScoop. While ZoneAlarm can’t confirm the targets the attack is focused on, the company detected the specific malware hash in an active attack in the Czech Republic last week, Lotem Finkelsteen, ZoneAlarm’s Threat Intelligence Group Manager, tells CyberScoop. “Although we cannot confirm such an attack, Finkelsteen said, referring to the […]
The post Cyber Command’s latest VirusTotal upload has been linked to an active attack appeared first on CyberScoop.
Continue reading Cyber Command’s latest VirusTotal upload has been linked to an active attack
As hundreds of millions of Europeans prepare to go to the polls in May, Fancy Bear ramps up cyber-espionage and disinformation efforts. Continue reading Microsoft: Russia’s Fancy Bear Working to Influence EU Elections