APTs/cyberespionage news & analysis | SC Media

APTs/cyberespionage

Hacker-for-hire groups profit by commoditizing APT tactics

In the span of just over three months, researchers have exposed three mercenary, “hacker-for-hire” groups engaging in industrial espionage and stealing corporate secrets for profit. Despite using tactics, techniques and procedures that are more typical of a nation-state APT group, these threat actors – Dark Basin, DeathStalker and an unnamed third group detailed late last month by Bitdefender –…

electric power

Is the electric grid closer to a devastating cyberattack that could mean lights out?

Could the electric grid really be taken down with a $50 device secreted in the bottom of a coffee cup as some researchers have claimed? Perhaps. But the more likely threat comes from bad actors with markedly improved capabilities who’ve ramped up their attacks on critical infrastructure and utilities. Consider that 70 percent of industrial…

SMBs assaulted by ‘mercenary’ DeathStalker APT espionage campaigns

The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in the financial sector throughout Europe, the Middle East, Asia and Latin America. DeathStalker’s tactics, techniques and procedures aren’t different from when it first emerged as a hacker-for-hire, according to Kaspersky, which tracked DeathStalker’s activities for the…

U.S. urges Linux users to secure kernels from new Russian malware threat

Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems. Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of…

Trade minister hack led to trade secrets leak before U.K. election

The hack of a U.K. trade minister’s email account – the result of a spear phishing campaign likely engineered by Russian operatives – led to the leak of U.S.-U.K. trade documents and perpetuated a disinformation campaign credited with influencing the 2019 U.K. election. Hackers were able to successfully access the email of Trade Minister Liam…

China targets networks with new Taidoor malware attacks

Wielding a new remote access trojan (RAT) dubbed Taidoor, Chinese government-supported hackers are behind a series of cyberespionage campaigns. Although it offered no details on the possible targets, CISA warned of the malware variants, noting that “the FBI has high confidence that Chinese government actors are using [them] in conjunction with proxy servers to maintain…

Media companies need to lock down content systems as fake news invades

Social media companies have started to become more efficient at recognizing and taking down fake accounts designed to spread fake news and propaganda. But operators of traditional media websites and other digital platforms that regularly publish vital news information to the public may also want to train themselves to be on the lookout for disinformation secretly…
