You searched for OilRig | SC Media

Your search for OilRig returned 12 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Last 2 years remove

Your search for OilRig returned 12 results

Sort Results:

Relevant Recent

Did you mean: oblig

Security News

Russian cyber spies likely hijacked Iranian APT group’s infrastructure to deliver backdoor

In early 2018, the Russian APT group Turla likely hijacked the command-and-control infrastructure of Iranian cyberespionage group OilRig, in order to deliver a custom backdoor to its intended victim, according to researchers. The unusual attack took place during one of three Turla campaigns over the last 18 months that experts from Symantec chronicled in a…
APTs/cyberespionage, Security News

APT34 hacked back by Lab Dookhtegan

A hacking group going by the name Lab Dookhtegan has posted the tools used by the infamous Iranian APT34 cyberespionage group. APT34, also known as HelixKitten and OilRig has purportedly been behind many attacks, but this time was victimized when a data dump of tools was posted on a Telegram channel, reported Bleeping Computer. The…
Malware, Phishing, Security News

LYCEUM threat group targets oil and gas, critical infrastructure orgs in MidEast

A LYCEUM threat group targeting critical infrastructure entities – including oil and gas and telecommunications organizations in the Middle East – went undetected for more than a year, according to researchers at the Dell SecureWorks Counter Threat Unit (CTU). “Stylistically, the observed tradecraft resembles activity from groups such as COBALT GYPSY (which is related to…
Security News

DarkHydrus RogueRobin uses Google Drive as C2 channel

A custom malware dubbed RogueRobin is using Google Drive as an alternative command and control channel. Palo Alto’s Unit 42 researchers have been monitoring the malware used by the DarkHydrus APT group and which is hidden in a series of Arabic language spear phishing emails laced with macro-enabled Excel documents with the .xlsm file extensions,…
APTs/cyberespionage, Security News

Russian Turla group masqueraded as Iranian hackers in attacks

The Russian hacker group Turla disguised itself as Iranians and stole state secrets from multiple countries, authorities from the U.S. and U.K. said Monday.  “Identifying those responsible for attacks can be very difficult, but the weight of evidence points towards the Turla group being behind this campaign,” Paul Chichester, director of operations at GCHQ’s National Cyber Security…
APTs/cyberespionage, Cybercrime, Security News

Fox Kitten APT campaign exploits VPN flaws hours after public disclosure

Iranian APT actors have engaged in a long-running cyber espionage and data theft campaign that has victimized dozens of companies around the world, typically compromising them via virtual private network and Remote Desktop Protocol services, according to a new research report. Vulnerable VPNs have been such a favorite attack vector of choice among these actors…
APTs/cyberespionage, Malware, Security News, Website/Web Server Security

DNSpionage actors adjust tactics, debut new remote administration tool

The actors responsible for the DNSpionage DNS hijacking campaign have altered some of their tactics, techniques and procedures (TTPs), introducing a new reconnaissance phase as well as a new malicious remote administration tool called Karkoff. Discovered last November, the operation primarily targets Lebanon- and United Arab Emirates-affiliated .gov domains, commandeering the websites’ DNS servers so…
APTs/cyberespionage, Government, Government/Defense, Security News

Report: Iran claims to have thwarted a U.S. cyberespionage operation

Iran is reportedly claiming that it successfully uprooted a CIA-led cyberespionage operation and arrested several U.S. spies in the process. “One of the most complicated CIA cyberespionage networks that had an important role in the CIA’s operations in different countries was exposed by the Iranian intelligence agencies a while ago and was dismantled,” said Ali…
APTs/cyberespionage, Cybercrime, Malware, Security News

Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests

The malware used to disrupt the global operations of Italian energy contractor Saipem S.p.A. earlier this week was none other than Shamoon, a disk wiper that’s been used in two prior attacks against Saudi interests. Saipem identified Shamoon as the culprit in a Dec. 12 news release that updated its previously vague disclosure of the incident.…
APTs/cyberespionage, Government, Security News, Vulnerabilities

Legacy ICS puts critical infrastructure at risk

By using search engines dedicated to scanning all open ports, or scanning the ports themselves, hackers can remotely take control of critical private and public U.S. infrastructure run largely by industrial control systems (ICS) that weren’t built with security in mind. American water and energy providers are particularly vulnerable to cyberattack because their legacy ICSs…
Next post in Security News