A hacker group said it has broken into the Israeli electricity network

A hacker group identifying itself as the “Moses Staff” said it has broken into the Israeli electricity network, vowing to plunge the regime into darkness. The group said on Wednesday it had targeted the Israel Electric Corporation, the largest supplier Read More …

Aoqin Dragon hacking group quietly spied on their targets for 10 years

Researchers have discovered a stealthy espionage campaign by a most likely China-backed hacking group that has targeted government, education and telecommunication organizations since 2013. The attackers used a range of techniques to infect targets with malware, such as via malicious Read More …

Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups

On February 13, 2022, a novel, lesser-known ransomware collective posted the alleged financial documents of the San Francisco 49ers football team on their underground site. The threat group, known as BlackByte, was widely credited with the orchestration of the attack—However, Read More …

The BlackByte ransomware group is striking users all over the globe

The BlackByte ransomware group uses its software for its own goals and as a ransomware-as-a-service offering to other criminals. The ransomware group and its affiliates have infected victims all over the world, from North America to Colombia, the Netherlands, China, Read More …

Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques

In 2021, the Cybereason Nocturnus Incident Response Team investigated multiple intrusions targeting technology and manufacturing companies located in Asia, Europe and North America. Based on the findings of our investigation, it appears that the goal behind these intrusions was to Read More …

Update on cyber activity in Eastern Europe

Google’s Threat Analysis Group (TAG) has been closely monitoring the cybersecurity activity in Eastern Europe with regard to the war in Ukraine. Since our last update, TAG has observed a continuously growing number of threat actors using the war as Read More …

UNC3524: Eye Spy on Your Email

Since December 2019, Mandiant has observed advanced threat actors increase their investment in tools to facilitate bulk email collection from victim environments, especially as it relates to their support of suspected espionage objectives. Email messages and their attachments offer a Read More …