Advanced Persistent Threat


NEWS 
  • APT Group Uses Catfish Technique To Ensnare Victims

    July 27, 2017

    Meet Mia Ash, a 20-something London-based photographer, amateur model, social media butterfly with a keen interest in tech-savvy guys with ties to the oil and gas industry. You guessed it. Mia Ash doesn’t exist. Ash, according to Dell SecureWorks Counter Threat Unit, is a virtual persona stitched together by the APT known as Cobalt Gypsy, OilRig, ...

  • Motivation Mystery Behind WannaCry, ExPetr

    July 21, 2017

    If two is a coincidence and three is a trend, maybe we’re not quite there yet in officially calling WannaCry and ExPetr a new movement among APT attacks. But for now, it’s close enough. Researchers are starting to examine the real motivations behind each global outbreak and whether these attacks truly signal a shift of direction ...

  • Researchers Find BlackEnergy APT Links in ExPetr Code

    July 3, 2017

    Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks. According to researchers at Kaspersky Lab, there are strong similarities between older versions of BlackEnergy’s KillDisk ransomware compared to ExPetr code. Parallels were first identified in targeted extensions used by both BlackEnergy and ExPetr, ...

  • Group Behind NSA Dump That Led to WannaCry Opens 0-Day Exploit Subscription

    May 30, 2017

    Infamous hacking group Shadow Brokers has promised to release more zero-day exploits, such as the one that has made life a misery for some 300,000 people across the world via WannaCry. Now, the group isn’t just after wreaking havoc, but also after making some money, since the releases will be made for a special club ...

  • Fancy Bear Hackers Tainted Dumped Emails with False Data

    May 27, 2017

    Hackers from Fancy Bear, the espionage hacker group with Russian ties, reportedly snuck false information in the data trove they leaked from the Democratic National Committee during the American elections. According to a report from Citizen Lab, an organization with ties to the University of Toronto, the hackers planted information inside emails belonging to a journalist ...

  • Fancy Bear Hackers Target French Presidential Candidate

    April 25, 2017

    A phishing campaign is targeting the emails of French presidential candidate Emmanuel Macron’s campaign staff. All fingers are pointing towards Russia once more. According to security firm Trend Micro who published a new report today, there are signs of a phishing attack targeting Macron, in what feels like deja-vu. The sites that are trying to trick ...

  • Callisto Group hackers targeted Foreign Office data

    April 13, 2017

    The UK’s Foreign Office was targeted by highly motivated and well-resourced hackers over several months in 2016. The BBC understands the government has investigated the previously unreported attack that began in April last year. The UK’s National Cyber Security Centre would not say whether data was stolen. But a source told the BBC that the most sensitive Foreign ...

  • Symantec Links Espionage Group to CIA via Tools Exposed by WikiLeaks

    April 10, 2017

    Symantec announced that it had connected at least 40 attacks across 16 countries where tools obtained and exposed by WikiLeaks via the Vault 7 revelations about CIA’s espionage tactics were used. In a lengthy report, Symantec talks about a highly organized group they named Longhorn and which they linked to all these attacks. While stopping short ...

  • Russian-Speaking Turla Joins APT Elite

    April 3, 2017

    In the waning moments of his 2016 talk at the Security Analyst Summit, Thomas Rid had a drop-the-mic moment when he disclosed there were likely links between the infamous Moonlight Maze cyberespionage operation of the mid- and late-1990s and the modern-day Turla APT. Today during this year’s annual Kaspersky Lab conference, Rid, along researchers Costin Raiu and ...

  • Lazarus APT Spinoff Linked to Banking Hacks

    April 3, 2017

    The Lazarus Group, a nation-state level of attacker tied to the 2014 attacks on Sony Pictures Entertainment, has splintered off a portion of its operation to concentrate on stealing money to fund itself. The group, widely believed to be North Korean, has been linked to a February 2016 attack against the Bangladesh Central bank that resulted ...