The UK’s new offensive cyber unit takes on organised crime and hostile states

A new offensive force made up of spies, cyber experts and the members of the military is already conducting cyber operations to disrupt hostile state activities, terrorists and criminals, the UK government has revealed. The new group – known as Read More …

US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks

The US Department of Justice has unsealed charges today against six Russian nationals believed to be members of one of Russia’s elite hacking and cyberwar units — known as Sandworm. In court documents today, US officials said all six suspects Read More …

PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict

A new iteration of the PoetRAT spyware, sporting improvements to operational security, code efficiency and obfuscation, is making the rounds in Azerbaijan, targeting the public sector and other key organizations as the country’s conflict with Armenia over disputed territory intensifies. Read More …

Israel court rejects calls to revoke NSO Group’s spy software export licence

A court in Tel Aviv has rejected a ruling to order Israel to revoke the export license of the NSO Group, the country’s largest surveillance company, whose software has reportedly been used by governments to spy on dissidents and human Read More …

Facebook-NSO lawsuit: Hundreds of WhatsApp attacks linked to one IP address

The legal case between Facebook and Israeli spyware vendor NSO Group is starting to yield the details tech and cyber-security experts have been waiting since Facebook filed its lawsuit in October 2019. In court documents filed yesterday, Facebook said it linked Read More …

Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak

Three years and eight days ago, on April 14, 2017, a mysterious group of hackers known as the Shadow Brokers published a collection of hacking tools that ended up changing the internet forever. Known as the “Lost in Translation” dump, Read More …

Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One

FireEye Mandiant Threat Intelligence documented more zero-days exploited in 2019 than any of the previous three years. While not every instance of zero-day exploitation can be attributed to a tracked group, we noted that a wider range of tracked actors Read More …