APTs/cyberespionage news & analysis | SC Media

APTs/cyberespionage

Mueller sentencing memos on Cohen, Manafort point to coordination with Russian operatives during campaign

A trio of sentencing memos filed Friday in cases against President Trump’s former attorney Michael Cohen and his former campaign manager Paul Manafort offer the strongest indication yet of repeated contact or coordination between members of the Trump campaign and Russian operatives at a time when Russia was attempting to interfere in and exert influence…

Syrian Electronic Army claims it obtained U.S. Central Command docs via hack

Researchers: Syrian Electronic Army targeting secure messaging app users with spyware

The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates. Known for its ardent support of Syrian President Bashar al-Assad, the threat group is targeting in particular users of secure messaging apps such as WhatsApp and Telegram. The SEA is…

Huawei responds to allegations of NSA hacking

Huawei CFO, daughter of founder, arrested in Canada for extradition to U.S.

The CFO, and daughter of the founder, of Huawei Technologies, whose equipment has raised security concerns in the U.S. government, was arrested in Canada December 1 and is awaiting extradition to the United States. While the U.S. has not given a reason for Meng Wanzhou’s arrest, early reports speculate that it may have more to…

Adobe fixes zero-day Flash bug after attackers target Russian clinic with exploit

Adobe Systems today issued an emergency security update for Flash Player following the discovery of a critical vulnerability that attackers were actively exploiting in a Nov. 29 phishing operation targeting a Russian state health care institution. The zero-day arbitrary code execution exploit was specifically employed against Moscow-based “Polyclinic No. 2” of the Administrative Directorate of…

Don’t lock him up: Flynn’s aid in Russia probe, other investigations earns leniency plea from Mueller

Special Counsel Robert Mueller recommended Tuesday night that former National Security Adviser Gen. Michael Flynn avoid prison time for lying to the FBI since he has offered “substantial assistance” on a number of ongoing investigations, including Mueller’s probe of Russian interference in the presidential election and any potential coordination between the nation-state and members of…

Gamaredon, like Fancy Bear and Cozy Bear, steps up cyberattacks against Ukraine, others

Russia didn’t just ratchet up its aggression toward Ukraine on the high seas last week, it also stepped up cyberattacks against the country and other governments and private entities around the world. Familiar threat actors Fancy Bear – using a packed Zebrocy variant and Cannon payload – and Cozy Bear – delivering a Cobalt Strike Beacon…

Manafort reportedly visited Assange three times at Ecuadorian embassy

WikiLeaks and former Trump campaign manager Paul Manafort denied reports that Manafort met with the site’s founder Julian Assange several times after he sought asylum at the Ecuadorian Embassy in London, the most recent just a few months before WikiLeaks began publishing emails pilfered from the DNC by Russian operatives and intended to sway the…

‘Cannon’ downloader tool added to Fancy Bear’s APT arsenal

A new cyber espionage campaign from the Russian APT group Fancy Bear has added some firepower in the form of a new malicious first-stage downloader tool called Cannon. Cannon diverges from Fancy Bear’s (aka Sofacy, APT28) usual downloader trojan, Zebrocy, in that it leverages email protocols for C2 communication as opposed to HTTP or HTTPS.…

Cozy Bear tracks: Phishing campaign looks like work of Russian APT group

Recently detected spear phishing activity suggests that the Russian APT group Cozy Bear may have emerged from its hibernation and become officially operative once more. Last week, respected cybersecurity firms CrowdStrike and FireEye both issued warnings referencing a widespread phishing campaign targeting multiple industry sectors, while implementing the tactics, techniques and procedures of Cozy…

U.S. declines to sign cybersecurity pact

The U.S. Monday joined Russia, North Korea and China in declining to sign a cybersecurity pact supported by 50 countries and aimed at fighting both cyberwarfare and cybercrime. The Paris Call for Trust and Security in Cyberspace agreement, part of the Paris Peace Forum, seeks to create a cyber Geneva Conventions of sorts, laying out…
