Through its US-CERT division, the U.S. Department of Homeland Security yesterday issued a new analysis report on a remote access trojan called KEYMARBLE that the agency says has been attributed to Hidden Cobra, a suspected North Korean APT actor.
GroupSense researchers investigating an email address affiliated with Russia's Internet Research Agency for evidence of a botnet meant to exert influence on public opinions.
Worst of both words: 'Gorgon' hackers practice both general cybercrime and targeted government attacks
A hacking group apparently based in Pakistan has been straddling the fence between cybercriminal activity and nation-state espionage, leveraging the same malicious infrastructure to both launch email spam campaigns and target government agencies in U.S., UK, Russia and Spain.
Sen. Claire McCaskill, D-Mo., an incumbent facing a tight race in the 2018 U.S. mid-term elections, has affirmed that Russian hackers are attempting to interfere with her reelection campaign, following an independent forensic analysis identifying her as a target.
Iran has once again found itself in the crosshairs of cybersecurity researchers with Palo Alto Networks' Unit 42, Symantec and the German intelligence all pointing accusatory fingers at Tehran over several recently revealed cyber campaigns.
Cyberattacks against Finland skyrocketed in the days leading up to the July 16 Helsinki summit between Donald Trump and Vladimir Putin -- the majority of which were attempts to brute force IoT devices.
The long-running Blackgear cyber espionage campaign that has largely targeted Taiwanese, Japanese and South Korean targets recently commenced a new operation that abuses legitimate blog and social media sites to establish command-and-control infrastructure.
The Russian threat group Fancy Bear appears to be behind a recent campaign that may have targeted Italy's navy with an updated version of the APT group's XAgent backdoor malware, according to researchers.
Charges include trying to damage property in a way that would harm national security, theft by an employee, activities to market defense material without a permit, and obstruction and interfering with computer material.
One year after the global NotPetya disk wiper incident that both the U.S. and UK have attributed to Russia, Moscow-backed hackers may be on the verge of launching another large-scale damaging cyberattack against Ukraine, according to a Tuesday Reuters report citing a Ukrainian law enforcement official.
Symantec researchers spot three Chinese computers behind a string of cyberespionage attacks targeting private and defense-related targets in the United States and Southeast Asia, including attempting to infect a computer system that handled satellite operations.
Adobe Systems today issued patches for four software vulnerabilities in Flash Player, including a zero-day flaw that attackers have been exploiting in the wild in targeted attacks against Windows users in the Middle East, possibly in Qatar.
The Russian APT cybergang Sofacy has rolled out a new campaign based on a seldom used attack tool called Zebrocy and is using it to target government, diplomatic and other strategic organizations primarily in North America and Europe.
A remote access trojan that apparently went undiscovered for at least two years was found targeting Koreans in a spam campaign using the possible upcoming U.S.-North Korea nukes summit as a phishing lure.
The Turla cyberespionage group has implemented some new tactics over the last few months incorporating some open-source exploitation tools instead of relying solely on their own creations to run campaigns.
Microsoft Corporation's Patch Tuesday release today fixed 67 bugs, including two that have been actively exploited in zero-day attacks, and another two whose details became public.
What began as an aggressive phishing-based malware campaign against Turkish financial institutions earlier this year appears to have since burgeoned into a worldwide cyberspying and data theft operation targeting a wide range of industry sectors with at least two malicious implants.
A malicious chat app that was advertised on Facebook and sold in the Google Play store was discovered to execute a previously undiscovered spyware program linked to APT-C-23, an advanced persistent threat group allegedly with ties to Hamas.
We already have the means to significantly curtail fake news campaigns emanating from Russia and elsewhere, but it is up security practitioners, and especially online content and advertising platforms, to meaningfully employ these measures, according to Dr. Daniel Rogers, CEO of Terbium Labs.
Kaspersky Labs has detailed a large scale nation-state backed malware campaign called Operation Parliament that is targeting governments and high-level officials in the Middle East and North Africa (MENA) regions.
In his first public speech, the U.K.'s GCHQ Director Jeremy Fleming acknowledged that the agency recently coordinated a major cyber offensive operation against ISIS, significantly crippling the terrorist group's ability to recruit and coordinate attacks online.
The nine Iranian hackers who were indicted last Friday for allegedly exfiltrating 31 terabytes of research documents and credentials from academics, companies and government agencies phished many of their targets using lures intended to trick them into thinking their library accounts were cancelled.
Researchers this month discovered a new spear phishing campaign targeting government agencies with an evolved version of Sanny malware, a five-year-old information-stealer that now features a multi-stage infection process, whereby each stage is downloaded from the attacker's server.
A recently published Kaspersky Lab report that exposed a sophisticated, six-year cyber espionage campaign targeting the Middle East and Africa disrupted an active counterterrorism operation, according to an article this week by CyberScoop, citing current and former U.S. intelligence officials.
The aggressive Russian APT group Sofacy targeted yet another European government agency earlier this month, attempting to infect the organization with unknown malware using a crafty new variant of its Adobe Flash-based exploit platform DealersChoice.