Collaborate Disseminate
The notorious Russian cyberespionage group known as APT28, Fancy Bear and Sofacy is targeting government organizations using a new Trojan program called Cannon. Researchers from Palo Alto Networks detected new spear-phishing campaigns from APT28 at th… Continue reading APT28 Pulls Out New Malware Cannon
The Russian-speaking threat group is changing up its tactics. Continue reading Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
US Cyber Command, a part of the military tasked with hacking and cybersecurity operations, says it is releasing malware samples as an information sharing effort. Continue reading The US Military Just Publicly Dumped Russian Government Malware Online
For this blogpost we gathered all the sinkhole data for Dutch IPs in the last four years, which amounts to around 85,000 entries. The aim is to give an overview of which APT groups are active in the Netherlands and what they are interested in. Continue reading Threats in the Netherlands
Olympic Destroyer, the threat actor that targeted the 2018 Winter Olympics in Pyeongchang, South Korea, has launched new attacks against organizations from Russia, Ukraine and several other European countries. To sabotage the 2018 Winter Olympics comp… Continue reading Olympic Destroyer Moves from Pyeongchang to Europe and Russia
In January, we uncovered a sophisticated mobile implant Skygofree that provides attackers with remote control of infected Android devices. Network worm OlympicDestroyer attacked on the Olympic infrastructure just before the opening of the games in February. Continue reading IT threat evolution Q1 2018
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang. Continue reading A Closer Look at APT Group Sofacy’s Latest Targets
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary. They are sometimes portrayed as wild and reckless, but as seen under our visibility, the group can be pragmatic, measured, and agile. Continue reading Masha and these Bears
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Continue reading A Slice of 2017 Sofacy Activity
root9B, a company that many in the security industry considered little more than a big-name startup aimed at cashing in on the stock market’s insatiable appetite for cybersecurity firms, surprised no one this week when it announced it was ceasing operations at the end of the year.
Founded in 2011, Colorado Springs, Colo. based root9B Technologies touted itself as an IT security training firm staffed by an impressive list of ex-military leaders with many years of cybersecurity experience at the Department of Defense and National Security Agency (NSA). As it began to attract more attention from investors, root9B’s focus shifted to helping organizations hunt for cyber intruders within their networks. Continue reading R.I.P. root9B? We Hardly Knew Ya!