Tag: APT

Trojanized IDA Pro
Detecting Trojanized IDA Pro Installers Distributed by Lazarus Hackers

The infamous Lazarus APT strikes again, with security professionals being under attack during the most recent campaign. State-sponsored actor leverages a pirated version of the widely-used IDA Pro reverse engineering application to compromise researchers’ devices with backdoors and remote access Trojans (RATs). NukeSpeed RAT Delivered via Trojanized IDA Pro  According to the research by ESET, […]

Read More
MysterySnail Attack Detection

Security experts from Kaspersky uncovered a sophisticated cyber-espionage campaign that leverages a zero-day bug in Windows (CVE-2021-40449) to attack IT firms, military contractors, and diplomatic institutions. The campaign was attributed to a China-backed APT group tracked as IronHusky. The hacker collective exploited a recently-discovered CVE-2021-40449 to infect systems with a previously unknown remote access Trojan […]

Read More
FoggyWeb Detection
FoggyWeb Backdoor Detection

Microsoft has recently uncovered yet another piece of malware leveraged by the infamous NOBELIUM APT group since spring 2021. The new threat, dubbed FoggyWeb, acts as a post-exploitation backdoor able to exfiltrate information from Active Directory Federation Services (AD FS) servers. Malware has been used in targeted attacks against multiple organizations globally while staying unnoticed […]

Read More
Defending Against Ransomware Attacks in 2021

The cybersecurity community is facing a crisis caused by the escalating threat of high-profile ransomware attacks. Advancing the trend of 2020, ransomware continues to be the number one problem in 2021, with the increasing sophistication of intrusions and a constantly growing number of malicious affiliates.  Big enterprises remain to be the primary target. Yet, the […]

Read More
Dark Halo APT Stands Behind SolarWinds Hack, Malwarebytes Breach

A new sophisticated APT group, dubbed Dark Halo (UNC2452, SolarStrom), has recently emerged in the cyber-security arena, gathering top press headlines during the last months. Researchers believe this advanced actor might stand behind the historical SolarWinds hack as well as the attack against Malwarebytes security vendor. Who is Dark Halo? Security experts from Volexity estimate […]

Read More
Bayern Holds Out Against Winnti Malware

Delaware, USA – April 5, 2019 – German chemical giant Bayer stood a cyber attack that was meant to steal the company’s sensitive data, Reuters informed. The malware that was further identified as typical of the Chinese Winnti group had infiltrated the system early last year and was closely monitored by Bayer’s Cyber Defence Center […]

Read More
Petya.A / NotPetya is an AI-powered cyber weapon, TTPs lead to Sandworm APT group

It’s been a hot summer for security industry: in less than a week since the initially suspected ransomware Petya.A has turned out to be much more than meets the eye. Security researchers around the world have rightfully dubbed it NotPetya and EternalPetya, as the malware was never meant to ask for ransom – it was […]

Read More