Collaborate Disseminate
The Czech government’s Security Information Service (BIS) revealed in a report that hackers associated with the Russian government are responsible for an email breach, compromising the email system of the country’s Ministry of Foreign Affa… Continue reading Czech Republic Blames Russia for Yearlong Email Breach
All too often, both rely on manipulating human psychology as a way of compromising entire systems or individual computers. Increasingly, the devices targeted also include those that we don’t consider to be computers – from children’s toys to security cameras. Here is our annual round-up of major incidents and key trends from 2018 Continue reading Kaspersky Security Bulletin 2018. Top security stories
Over the past two years, the Russian cyberespionage group known as APT28, Sofacy or Fancy Bear, has been the focus of many press reports, threat analyses, Western intelligence investigations and, more recently, U.S. prosecution efforts. Yet despite al… Continue reading APT28 Gets the Spotlight, But Turla Remains Russia’s Elite Hacking Unit
Russian-speaking Turla has also racked up more victims in its latest APT campaign. Continue reading Virus Bulletin 2018: Turla APT Changes Shape with New Code and Targets
Turla, also known as Venomous Bear, Waterbug, and Uroboros, may be best known for what was at the time an “ultra complex” snake rootkit focused on NATO-related targets, but their malware set and activity is much broader. Our current focus is on more recent and upcoming activity from this APT. Continue reading Shedding Skin – Turla’s Fresh Faces
The Apache Struts web development framework has received new security updates to address a critical vulnerability that could allow attackers to compromise web applications and servers. Apache Struts is widely used for developing web applications in en… Continue reading Critical Vulnerability Patched in Apache Struts
Cybersecurity is generally considered to be a highly reactive field where professionals struggle to keep up with new and emerging threats. As the profession works to become more human-centered and proactive, I have attempted to design a new modeling pr… Continue reading Decision Analysis Applications in Threat Analysis Frameworks
Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang. Continue reading A Closer Look at APT Group Sofacy’s Latest Targets
In the face of allegations that Kaspersky Lab works hand-in-hand with Russian intelligence, the Moscow-based cybersecurity published a detailed report Wednesday exposing a complex and expansive cyber-espionage operation orchestrated by what appears to be a Russia-based hacking group. The research, authored by Kaspersky’s high-level GReAT team, reveals some of the techniques, processes and tools used by an attacker with similarities to two known hacking groups, Sofacy and Turla. Both of these groups are considered advanced persistent threats (APTs) and have been linked to the Russian government by U.S. cybersecurity firms CrowdStrike and FireEye. Kaspersky rarely attributes hacking groups to particular governments. This latest activity revealed by Kaspersky is codenamed “WhiteBear,” as it resembles but doesn’t match up entirely with known Sofacy or Turla operations. WhiteBear is likely a subgroup within or campaign of Turla group, the firm says. Based on a technical analysis by Kaspersky, WhiteBear’s recent activity appears to represent […]
The post Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism appeared first on Cyberscoop.
Continue reading Kaspersky exposes apparent Russian cyber-espionage operation amid U.S. criticism
The Turla APT’s WhiteBear toolset was used to attack defense organizations as recently as June, and diplomatic targets in Europe, Asia and South America during most of 2016. Continue reading Turla APT Used WhiteBear Espionage Tools Against Defense Industry, Embassies