The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets. German broadcaster Bayerricscher Rundfunk, which broke the story, reported (in an article translated into English) that BMW caught the intrusion early…
Intezer Security has found a new backdoor, ACBackdoor, that has no known connection to an operating threat group creating the possibility it could be a harbinger of a new gang’s formation. ACBackdoor is primarily a Linux malware, but Intezer has spotted a Windows variant and the company believes it was created by an experienced group…
Reputed Iranian threat actor APT33 has been employing more than a dozen secret botnets to infiltrate and spy on the networks of various Middle Eastern, U.S. and Asian organizations, and are even setting up their own VPN networks to conceal their operations, according to researchers. Trend Micro described these findings in a blog post this…
Camille Francois remembers the day she learned that the U.S. Senate Select Committee on Intelligence was granting her the extraordinary opportunity to research the extent of Russia’s influence operations during 2016 presidential election campaign. SC Podcast “Our CEO [John Kelly]… said, ‘Hey Cam, what would you say if we had access to the actual data…
In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…
Facing possible exclusion from the 2020 Summer Olympics in Tokyo and other major athletic events, Russia once again has been attempting to hack anti-doping agencies and sports organizations, Microsoft reported yesterday. In attacks that started on Sept. 16, the reputed Russian APT Fancy Bear targeted at least 16 national and international sports organizations across three…
The Czech-based security firm Avast reported its internal network had been accessed through a temporary and loosely protected VPN profile with compromised credentials . The incident began on September 23 when the company noted suspicious behavior taking place on its network and started an investigation that included Czech national intelligence and cybersecurity assets. It was…
The threat group APT 29 has apparently returned to action with ESET uncovering three new malware families it is attributing to the cybergang. Apt 29/The Dukes is best known as being the primary suspect behind the Democratic National Committee breach during the runup to the 2016 U.S. presidential election, but the group had remained quiet…
A thorough investigation into reputed Chinese APT actor Winnti Group turned up a previously undocumented backdoor that was used to compromise a popular Asian mobile hardware and software vendor — perhaps as a prelude to launching a major supply chain attack against its users. Dubbed PortReuse, the modular malware is a passive network implant that…
Cyber espionage actors have developed a malware that can mark victims’ TLS-encrypted outbound traffic with identifiers so it can be compromised and potentially decoded later. Dubbed Reductor, the malware appears to share similar code to the COMpfun trojan, which was first documented in 2014 and is closely associated with suspected Russian APT group Turla, aka…
