APTs/cyberespionage news & analysis | SC Media

APTs/cyberespionage

‘Brazen’ nation-state actors behind ‘Sea Turtle’ DNS hijacking campaign

State-sponsored hackers are behind a large-scale DNS hijacking campaign that since January 2017 has been responsible for compromising at least 40 organizations across 13 countries, researchers from Cisco Talos have reported. Primarily targeting the Middle East and North Africa, the attackers are looking to harvest credentials that grant them access to sensitive networks belonging to…

European Commission: No evidence Kaspersky software is malicious

The European Commission yesterday acknowledged in a public document that it possesses no evidence to support the notion that software from Russia-based Kaspersky Lab is malicious. The admission comes about 10 months after the European Parliament passed a resolution calling for the European Union to ban dangerous software, naming Kaspersky products as a specific example.…

Five-year cyber espionage campaign targeting Ukraine potentially linked to Luhansk People’s Republic

Researchers believe hackers from the breakaway Luhansk People’s Republic (LPR) may be behind a spear phishing-based malware campaign that’s been actively targeting the Ukrainian government. The researchers, from FireEye, disclosed their assessment following their investigation into a malware-laced email that they were able to tie back to a 2018 phishing campaign designed to deliver…

Russia targeted Sanders supporters on Twitter to sway support to Trump

“Bernie bros” weren’t the only ones who tweeted furiously about Bernie Sanders during the 2016 presidential campaign. Russian trolls on Twitter targeted Sanders supporters in an effort to sway them toward candidate Donald Trump, according to researchers at Clemson University. Pointing out that the tweets occurred at a “higher volume than people thought,” Darren Linvill,…

U.S. agencies issue report on Hidden Cobra threat group’s HOPLIGHT malware

The U.S. Department of Homeland Security and FBI have jointly released an official Malware Analysis Report detailing several variants of HOPLIGHT, a trojan malware program used by hackers from Hidden Cobra, an APT group that’s been widely linked to the North Korean government. Upon execution, HOPLIGHT allows attackers to collect victim machine information, connect to…

Assange arrested on hacking charge and removed from embassy, to be extradited to U.S.

After seven years holed up in the Ecuadorian Embassy in London, WikiLeaks founder Julian Assange was arrested on behalf of the U.S. on conspiracy to conduct computer intrusion on the United States, according to an indictment unsealed this morning. U.K. special police entered the embassy and forcibly removed a bedraggled Assange, who shouted and resisted…

Researchers uncover new ‘TajMahal’ APT framework, plus a new Gaza Cybergang malware campaign

Researchers at Kaspersky Lab today issued a pair of reports, one revealing a newly discovered sophisticated APT framework and the other detailing the recent operations of the threat actor known as Gaza Cybergang Group1. Dubbed TajMahal, the APT framework is a fully loaded malicious toolset, replete with backdoors, loaders, orchestrators, C2 communicators, audio recorders, keyloggers,…

Stuxnet research reveals possible 4th accomplice, newly discovered versions of Flame and Duqu malware

Recent research into old malware threats associated with the Stuxnet attacks against Iran’s nuclear program roughly one decade ago turned up several new discoveries, including a possible fourth collaborator in the clandestine operation, as well as previously unknown versions of Flame and Duqu malware. Today, Alphabet’s cybersecurity subsidiary Chronicle revealed the findings of its researchers…

Trump boots Secret Service chief in DHS shakeup

A day after Kirstjen Nielsen was reportedly dismissed as Department of Homeland Security (DHS) secretary, President Trump abruptly fired the director of the U.S. Secret Service (USSS), Randolph “Tex” Alles, and named USSS Assistant Director of the Office of Protective Operations James Murray to replace him. “United States Secret Service director Randolph ‘Tex’ Alles has…

Chinese woman arrested with malware-laced thumb drive after illegally entering Mar-a-Lago

A Chinese national was arrested after she illegally entered President Trump’s Mar-a-Lago resort in Florida March 30 and was found to be carrying a thumb drive containing malware as well as a laptop, a “hard drive type” device and four cell phones. Yujing Zhang allegedly gained access to the property, claiming to be attending a…
