News • Insights • Analysis
A new APT group has emerged that’s specifically targeting the fuel and energy complex and aviation industry in Russia, exploiting known vulnerabilities like Microsoft Exchange Server’s ProxyShell and leveraging both new and existing malware to compromise networks. Researchers at security Read More …
While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. This cluster stood out for its usage of a formerly unknown Windows kernel mode rootkit that Read More …
FinSpy, also known as FinFisher or Wingbird, is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware since 2011. Historically, its Windows implant was distributed through a single-stage installer. This version was detected and researched several times Read More …
A new hacking group targeting entities worldwide to spy on them has been unmasked by researchers. Dubbed FamousSparrow by ESET, on Thursday, the team said that the advanced persistent threat (APT) group — many of whom are state-sponsored — is Read More …
Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the Read More …
The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. Between 2016 and 2019, Marc Baier, Ryan Adams, and Daniel Read More …
Trend Micro researchers have uncovered a cyberespionage campaign being perpetrated by Earth Baku, an advanced persistent threat (APT) group with a known history of carrying out cyberattacks under the alias APT41. This is not the group’s first foray into cyberespionage, Read More …
Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets. The campaigns have been attributed to the Iranian APT group known as Lyceum, Read More …
While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer. The NSO Group’s spyware spurred a collaborative investigation that found Read More …
The United Nations has called for a moratorium on the sale of “life threatening” surveillance technology and singled out the NSO Group and Israel for criticism. The catalyst for that UN’s action is the recent allegation that NSO Group’s wares Read More …
