DarkHydrus abuses Google Drive to spread RogueRobin Trojan

The DarkHydrus advanced persistent threat (APT) group is back and this time is not only using Windows vulnerabilities to infect victims but is also abusing Google Drive as an alternative communications channel. Last week, researchers from the 360 Threat Intelligence Center (360TIC) Read More …

LoJax rootkit used by Russian-linked Fancy Bear has been silently active since 2016

Researchers have discovered that LoJax, the malware that formed the foundation for devastating Fancy Bear attacks in 2018, has been silently active for years. Use of this infrastructure by the Russian-linked hacking group was exposed in September 2018, just a Read More …

Newsmaker Interview: Bruce Schneier on Physical Cyber Threats

Bruce Schneier discusses the clash between critical infrastructure and cyber threats. Attacks on physical devices and infrastructure offer a new target for cyber crime, a new opportunity for espionage and even a few front in cyber war. Rather than exploit Read More …

First-Ever UEFI Rootkit Tied to Sednit APT

Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks. The discussion of Sednit was part of the 35C3 Read More …

Five other countries formally accuse China of APT10 hacking spree

After the US Department of Justice charged two Chinese nationals for being members of a state-sponsored hacking group and accused the Chinese government of orchestrating a string of hacks around the world, five other governments have stepped in with similar accusations. Australia, Read More …

U.S. Indicts China-Backed Duo for Massive, Years-Long Spy Campaign

The homeland security implications are significant: the two, working with Beijing-backed APT10, allegedly stole sensitive data from orgs like the Navy and NASA. The Department of Justice on Thursday charged two Chinese hackers with stealing “hundreds of gigabytes” of data Read More …