Thrip: Ambitious Attacks Against High Level Targets Continue

Symantec’s Targeted Attack Analytics uncovers new attack campaigns in South East Asia. Since Symantec first exposed the Thrip group in 2018, the stealthy China-based espionage group has continued to mount attacks in South East Asia, hitting military organizations, satellite communications operators, Read More …

Newly discovered cyber-espionage malware abuses Windows BITS service

Security researchers have found another instance of a malware strain abusing the Windows Background Intelligent Transfer Service (BITS). The malware appears to be the work of a state-sponsored cyber-espionage group that researchers have been tracking for years under the name Read More …

China’s APT3 Pilfers Cyberweapons from the NSA

Large portions of APT3’s remote code-execution package were likely reverse-engineered from prior attack artifacts. The advanced persistent threat (APT) group known as APT3, which researchers across the board link to the Chinese government, has built a full in-house battery of exploits Read More …

How Threat Intelligence Helps the Energy Sector Fight Cyberespionage

When it comes to cyber threats, some industries have it harder than others. Few are as heavily targeted by sophisticated cyberattacks as the energy sector. Over the last decade, state-sponsored hacking groups have routinely targeted utility networks and other energy providers for Read More …

Microsoft Says Russia’s Strontium Behind IoT Hacks

Russian hackers have been identified by security experts at Microsoft as being behind a series of attacks on IoT devices. Microsoft’s Threat Intelligence Center said in a blog posting that the Russian state-linked hackers were Strontium. The Strontium hackers are also known Read More …

A cyber-espionage group has been stealing files from the Venezuelan military

A cyber-espionage group known as “Machete” has been observed stealing sensitive files from the Venezuelan military, according to an ESET report published today. The group, known to have been active since 2010, has historically gone after a wide range of Read More …

Unique Monokle Android Spyware Self-Signs Certificates

A never-before-publicized mobile spy tool, a mobile surveillanceware remote access trojan (RAT) for Android called Monokle, has been spotted using novel techniques to exfiltrate data. According to the Lookout researchers who discovered Monokle in the wild, the malware has the Read More …