APT | SC Media APT

APT

Mitsubishi Electric discloses June 2019 breach; Tick hacking group reportedly blamed

Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be…

Report: FBI issues alert after two municipalities hacked via SharePoint

The FBI this month reportedly issued an alert to its private industry partners, warning that a probable nation-state hacking group had recently compromised the networks of two U.S. municipalities via unpatched, vulnerable Microsoft SharePoint servers. According to the report, from ZDNet, the flaw the hackers reportedly abused was CVE-2019-0604, a remote code execution bug caused by…

APT40 hacking group linked to 13 alleged front companies in Hainan, China

The mysterious research group Intrusion Truth has unleashed a new series of reports claiming that 13 businesses based in the southern island province of Hainan, China are collectively a front for reputed Chinese state-sponsored hacking group APT40. The alleged front companies all purport to be science and technology businesses seeking to hire pen testers, software development…

Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper

Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29 disk wiper attack that officials believe originated from Iran-backed hackers. Iran is historically associated with past disk wiper campaigns against energy companies, most notably the destructive Shamoon or Disttrack malware attack against the Saudi Arabian…

Reputed Vietnamese APT group hacks BMW, Hyundai: report

The reputed Vietnamese APT group OceanLotus is believed responsible for recently hacking into the networks of German car manufacturer BMW, as well as South Korea’s Hyundai, presumably to spy on their automotive trade secrets. German broadcaster Bayerricscher Rundfunk, which broke the story, reported (in an article translated into English) that BMW caught the intrusion early…

APT33 sics small, elusive botnets on U.S. and global targets

Reputed Iranian threat actor APT33 has been employing more than a dozen secret botnets to infiltrate and spy on the networks of various Middle Eastern, U.S. and Asian organizations, and are even setting up their own VPN networks to conceal their operations, according to researchers. Trend Micro described these findings in a blog post this…

‘Kardashian jokes and then a really racist tweet’: How Russian social media trolls suckered in Americans

Camille Francois remembers the day she learned that the U.S. Senate Select Committee on Intelligence was granting her the extraordinary opportunity to research the extent of Russia’s influence operations during 2016 presidential election campaign. SC Podcast “Our CEO [John Kelly]… said, ‘Hey Cam, what would you say if we had access to the actual data…

We interviewed cyber experts on a Vegas ferris wheel. Then ride security showed up…

In the film “Ocean’s 11,” Danny Ocean and his team of expert cybercriminals execute a daring casino heist in glitzy Las Vegas. This past summer at the Black Hat and DEF CON conferences in Sin City, the editorial staff at SC Media attempted to pull off a less ambitious – and decidedly more legal –…

Officials preparing for cyber attacks, scams as Olympics nears

Microsoft: Russia again hacks anti-doping and sports agencies

Facing possible exclusion from the 2020 Summer Olympics in Tokyo and other major athletic events, Russia once again has been attempting to hack anti-doping agencies and sports organizations, Microsoft reported yesterday. In attacks that started on Sept. 16, the reputed Russian APT Fancy Bear targeted at least 16 national and international sports organizations across three…

Next post in Cybercrime