News

HelixKitten APT Registers on LinkedIn

Delaware, USA – July 23, 2019 – Tension in the Middle East is reflected in cyberspace: in its most recently discovered campaign, the HelixKitten cyber espionage group (aka APT34 and OilRig), associated with the Iranian government, began to use new tweaks and tools. FireEye managed to stop the attack and analyze the malware used in it. […]

MegaCortex Ransomware Simplifies Infection Process

Delaware, USA – July 22, 2019 – The threat actor behind the frequent MegaCortex ransomware attacks continues to work on the malware, increasing its effectiveness in infecting corporate networks. The victims of this ransomware strain are usually also infected with Emotet or Qakbot malware, and it can be assumed that the initial compromise of the organization […]

Ke3chang APT Spies on Diplomats Using Okrum Malware

Delaware, USA – July 19, 2019 – The Chinese APT group with a nearly ten-year history of attacks added to its arsenal the Okrum backdoor, which is quite different in functionality from the rest of the group’s tools. ESET researchers track the activity of the Ke3chang group (aka APT15, Vixen Panda, Royal APT, and Playful […]

EvilGnome: New Linux Malware Targeting Desktop Users

Delaware, USA – July 18, 2019 – A new modular backdoor for desktop Linux systems has been developed by the Russian Gamaredon group and is not detectable by antivirus solutions. Intezer Labs researchers discovered the backdoor this month and published an analysis of the capabilities of the EvilGnome malware, the modules of which, apparently, are still being […]

$2 Million Ransomware Attack on Monroe College

Delaware, USA – July 17, 2019 – New York City’s Monroe College has recently fallen victim to a large-scale ransomware attack that disabled the educational institution's entire network. It is not known exactly which cybergang is behind this incident, but judging by the gigantic ransom demanded […]

Topinambour Campaign by Turla APT

Delaware, USA – July 16, 2019 – Since the beginning of the year, the notorious Turla APT has been using new cyber espionage tools distributed through infected installers of legitimate software. Researchers at Kaspersky Lab analyzed the malware, which its authors call Topinambour, and the infrastructure of the campaigns targeting government agencies. […]

Router Exploit Kits Continue to Target Brazilian Users

Delaware, USA – July 15, 2019 – Attacks on routers in Brazil started about a year ago, sometimes going beyond the borders of the country. Initially, the compromised devices were used to mine Monero cryptocurrency by injecting a Coinhive script into a specially created error page. Then the attackers began to change router DNS settings and […]

eCh0raix Ransomware Attacks Linux-Based NAS Devices

Delaware, USA – July 12, 2019 – Adversaries compromise QNAP Systems devices, by exploiting vulnerabilities or brute-forcing them, to install eCh0raix ransomware. Network Attached Storage devices often store sensitive data and important backups in corporate networks and can be accessed over the Internet. The value of the encrypted data and the relatively low cost of […]

Buhtrap Uses Recently Patched Zero-Day

Delaware, USA – July 11, 2019 – The Buhtrap group, which disappeared a few years ago, has been spotted using an unpatched zero-day in a cyber espionage campaign targeting governmental institutions. The group began operations in 2014 with financially motivated attacks against businesses and banks, and their activities remained below the radar of researchers until the following year. At the […]

Sea Turtle Group Uses New DNS Hijacking Technique

Delaware, USA – July 10, 2019 – The Sea Turtle APT group, allegedly attributed to the Iranian government, compromised the ICS-Forth network that manages the Greek top-level domains .gr and .el. The Sea Turtle group became known this April, but its campaigns have been traced back to 2017. The adversaries use a very unusual technique […]