News

APT20 Finds Their Way to Bypass 2FA

Delaware, USA – December 23, 2019 – A Chinese state-sponsored cyberespionage group has resurfaced with new operations targeting multiple industries, Managed Service Providers, and government entities. Fox-IT experts discovered the APT20 group’s activity while investigating a data breach at one of the attacked organizations and dubbed the campaign “Operation Wocao.” The group has been […]

SOC Prime special gifts for Threat Bounty Hunters

Delaware, USA – December 18, 2019 – We are excited to announce that 10 of the most active developers submitting content to SOC Prime’s Threat Bounty Program (https://my.socprime.com/en/tdm-developers) will receive special gifts for the 2019 Holiday Season! Together with our partner Elastic, we are giving away 10 certificates to attend an online training course on Elastic Machine Learning […]

TrickBot Anchor Project Welcomes APT Groups with Open Arms

Delaware, USA – December 12, 2019 – TrickBot operators offer access to high-profile targets not only to other cybercriminals but also to state-sponsored threat actors. In October, NTT Security published a report on the appearance of a new and much more advanced version of TrickBot, the Anchor project. Researchers believe that attackers evaluate the […]

Waterbear Malware Now Uses API Hooking to Stay Undetected

Delaware, USA – December 11, 2019 – Waterbear is modular malware developed by the cyberespionage group BlackTech and is often used in attacks on technology companies and government agencies in East Asia. Last year the group made headlines by distributing the Plead backdoor signed with legitimate code-signing certificates previously stolen from Taiwanese companies: D-LINK and Changing […]

Snatch Ransomware: Just One More Threat to Corporate Networks

Delaware, USA – December 10, 2019 – This relatively new ransomware strain is used in targeted attacks on organizations, and its authors are looking for affiliates with access to corporate networks. While investigating a ransomware outbreak at one of its customers, researchers at Sophos drew attention to Snatch ransomware, which appeared about a […]

OceanLotus APT Breaches BMW and Hyundai

Delaware, USA – December 9, 2019 – Since at least the spring of 2019, the Vietnamese APT group has had access to the networks of the German manufacturer BMW, Bayerischer Rundfunk reports. The compromise came to light when the security team discovered the Cobalt Strike penetration testing tool on the company’s computers, which has […]

CyrusOne Becomes the Latest Victim of Sodinokibi Ransomware

Delaware, USA – December 6, 2019 – One of the biggest data center providers in the United States has confirmed a cybersecurity incident that affected customers primarily serviced by CyrusOne’s New York Data Center. CyrusOne has not disclosed details of the attack and is conducting an investigation. At the same time, ZDNet has evidence indicating that Sodinokibi […]

Iranian APT Groups Use ZeroCleare Wiper Against Energy Companies

Delaware, USA – December 5, 2019 – The wiper, a joint development of two Iranian APT groups, xHunt and APT34, has similarities to the latest versions of the Shamoon data-wiping malware and is used in attacks on energy companies in the Middle East. IBM X-Force researchers first encountered ZeroCleare in late September, and […]

New MacOS Fileless Malware by Lazarus Group

Delaware, USA – December 4, 2019 – One of the units of the Lazarus group continues to prepare cryptocurrency-related attacks similar to the AppleJeus operation. This week security researcher Dinesh Devadoss found ‘fileless’ MacOS malware with a very low detection rate that is capable of loading a Mach-O executable from memory and executing it. […]

PyXie RAT Targets Healthcare and Education Organisations

Delaware, USA – December 3, 2019 – A Python-based Remote Access Trojan has been active since at least 2018 while remaining under the radar of security researchers. PyXie RAT was uncovered by BlackBerry Cylance researchers, who revealed that this malware is used in an ongoing sophisticated cyber-criminal operation, and that adversaries have already managed to compromise over 30 organizations in […]