You searched for OilRig | SC Media

Your search for OilRig returned 14 results

Active Filters

Click on a filter below to refine your search. Remove a filter to broaden your search.

Cybercrime remove

Your search for OilRig returned 14 results

Sort Results:

Relevant Recent

Did you mean: oblig

Malware

Double trouble: TwoFace webshell linked to malicious websites targeting Israeli institutions

An analysis of a recently discovered webshell used to harvest credentials from an unnamed Middle Eastern organization has unearthed a complex malicious infrastructure that appears to be targeting Israeli institutions and may possibly be linked to the Iranian APT group OilRig, according to researchers. The webshell, called TwoFace, was discovered by Palo Alto Networks’ Unit…
APTs/cyberespionage

Report: Multiple groups likely collaborating on Shamoon malware campaign

Analysis of the 2016-2017 Shamoon malware attacks against Saudi organizations suggests that multiple hacker groups may be collaborating on this effort on behalf of a nation-state actor, according to a new blog post and technical analysis published this week by McAfee. “We found that the latest Shamoon campaigns… are connected to other notable campaigns, and…
Security News

DarkHydrus RogueRobin uses Google Drive as C2 channel

A custom malware dubbed RogueRobin is using Google Drive as an alternative command and control channel. Palo Alto’s Unit 42 researchers have been monitoring the malware used by the DarkHydrus APT group and which is hidden in a series of Arabic language spear phishing emails laced with macro-enabled Excel documents with the .xlsm file extensions,…
APTs/cyberespionage, Cybercrime, Security News

Fox Kitten APT campaign exploits VPN flaws hours after public disclosure

Iranian APT actors have engaged in a long-running cyber espionage and data theft campaign that has victimized dozens of companies around the world, typically compromising them via virtual private network and Remote Desktop Protocol services, according to a new research report. Vulnerable VPNs have been such a favorite attack vector of choice among these actors…
APTs/cyberespionage, Malware, Security News, Website/Web Server Security

DNSpionage actors adjust tactics, debut new remote administration tool

The actors responsible for the DNSpionage DNS hijacking campaign have altered some of their tactics, techniques and procedures (TTPs), introducing a new reconnaissance phase as well as a new malicious remote administration tool called Karkoff. Discovered last November, the operation primarily targets Lebanon- and United Arab Emirates-affiliated .gov domains, commandeering the websites’ DNS servers so…
APTs/cyberespionage, Cybercrime, Malware, Security News

Shamoon disk wiper attack on Saipem signals new affront against energy sector, Middle Eastern interests

The malware used to disrupt the global operations of Italian energy contractor Saipem S.p.A. earlier this week was none other than Shamoon, a disk wiper that’s been used in two prior attacks against Saudi interests. Saipem identified Shamoon as the culprit in a Dec. 12 news release that updated its previously vague disclosure of the incident.…
Next post in Cryptocurrency