APTs | SC Media

APTs

Enigmatic cyber espionage campaign revives source code from old foe APT1

A newly discovered cyber espionage campaign targeting South Korea, the U.S. and Canada features malware that reuses old source code associated with the seemingly dormant or disbanded APT1 threat group. The findings raise the possibility that the reputed Chinese threat actor has resumed operations, especially because its source code was never released to the public, according to…

Clandestine ‘GreyEnergy’ APT group spawned from BlackEnergy, NotPetya actors

Researchers from ESET yesterday exposed a previously undisclosed threat group that descended from TeleBots, the APT group known for launching the BlackEnergy trojan and NotPetya attacks against Ukraine in recent years. Dubbed GreyEnergy, the actor is comparable to the BlackEnergy group (which later changed strategies and became known as TeleBots or Sandworm) in that it…

Iranian hackers targeting critical infrastructure

Russian DragonFly hackers accessed electrical utilities control rooms in lengthy campaign

The Russian DragonFly APT group, which last year broke into air-gapped networks run by U.S. electric utilities in a likely ongoing campaign that victimized hundreds, accessed the providers’ control rooms where they could have caused blackouts and other damage. The group, which also goes by Energetic Bear, used phishing and waterhole attacks to gain access…
