In the span of just over three months, researchers have exposed three mercenary, “hacker-for-hire” groups engaging in industrial espionage and stealing corporate secrets for profit. Despite using tactics, techniques and procedures that are more typical of a nation-state ATP group, these threat actors – Dark Basin, DeathStalker and an unnamed third entity group detailed late last month by Bitdefender –…
After a new threat group claiming to be Fancy Bear and the Armada Collective used a DDoS attack to take down the New Zealand stock exchange, security experts say millions of dollars in infrastructure investment make it unlikely that major stock exchanges in New York, London or Hong Kong would suffer a similar take down,…
Could the electric grid really be taken down with a $50 device secreted in the bottom of a coffee cup as some researchers have claimed? Perhaps. But the more likely threat comes from bad actors with markedly improved capabilities who’ve ramped up their attacks on critical infrastructure and utilities. Consider that 70 percent of industrial…
The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in the financial sector throughout Europe, Middle East, Asia and Latin America. Deathstalker’s tactics, techniques and procedures aren’t different from when it first emerged as a hacker-for-hire, according to Kaspersky, which tracked Deathstalker’s activities for the…
Mike McLellan, senior security researcher at Secureworks, talks about the discovery and investigation of one recent Chinese attack campaign that revealed how nation-state actors will leverage any code at their disposal.
The alert appears to be in reference to the trojan behind several reported employment scams attributed to North Korea
Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems. Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of…
The hack of a U.K. trade minister’s email account – the result of a spear phishing campaign likely engineered by Russian operatives – led to the leak of U.S.-U.K. trade documents and perpetuated a disinformation campaign credited with influencing the 2019 U.K. election. Hackers were able to successfully access the email of Trade Minister Liam…
Wielding a new remote access trojan (RAT) dubbed Taidoor, Chinese government-supported hackers are behind a series of cyberespionage campaigns. Although it offered no details on the possible targets, CISA warned of the malware variants, noting that “the FBI has high confidence that Chinese government actors are using [them] in conjunction with proxy servers to maintain…
Social media companies have started to become more efficient at recognizing and taking down fake accounts designed to spread fake news and propaganda. But operators of traditional media websites and other digital platforms that regularly publish vital news information to the public may also want to train themselves be on the lookout for disinformation secretly…
