Hackers take over diplomat’s email, target Russian deputy minister

Hackers believed to work for the North Korean government have compromised the email account of a staff member of Russia’s Ministry of Foreign Affairs (MID) and deployed spear-phishing attacks against the country’s diplomats in other regions. One of the targets …

Aquatic Panda Used Log4Shell Exploit Tools During Hands-on Intrusion Attempt – CrowdStrike

Since the vulnerability was announced, CrowdStrike’s OverWatch threat hunters have been continuously ingesting the latest insights about the Log4j vulnerability as well as publicly disclosed exploit methods to influence their continuous hunting operations. On Dec. 14, 2021, VMware issued guidance …

After NSO Scandal, What’s Next for Israel’s Cyber Industry?

The year 2021 was not a good one for NSO Group, an Israeli technology firm that became famous, and then notorious, for its Pegasus spyware, capable of remote surveillance of smartphones. Once a promising startup that developed a unique tool …

Meta bans ‘cyber-mercenaries’ that targeted 50,000 people

Meta, Facebook’s parent company, has banned several “cyber-mercenary” groups thought to have been offering surveillance services aimed at activists, dissidents and journalists worldwide. The social media giant said on Thursday it had begun warning about 50,000 people it believed may …

A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution

Google Project Zero researchers want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with them, and Apple’s Security Engineering and Architecture (SEAR) group for collaborating with Google Project Zero on the technical analysis. The editorial opinions …

PseudoManuscrypt: a mass-scale spyware attack campaign

In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT group’s arsenal. In 2020, the group used Manuscrypt in attacks on defense enterprises in different …

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses. In a letter [PDF] signed by US Senator Ron Wyden …

Espionage Campaign Targets Telecoms Organizations across Middle East and Asia

Attackers most likely linked to Iran have attacked a string of telecoms operators in the Middle East and Asia over the past six months, in addition to a number of IT services organizations and a utility company. Organizations in Israel, …

Collecting In the Dark: Tropic Trooper Targets Transportation and Government

Earth Centaur, previously known as Tropic Trooper, is a long-running cyberespionage threat group that has been active since 2011. In July 2020, Trend Micro researchers noticed interesting activity coming from the group, and they have been closely monitoring it since. …