Sunburst backdoor shares features with Russian APT malware

Posted by & filed under Security News.

Kaspersky researchers found that the Sunburst backdoor, the malware deployed during the SolarWinds supply-chain attack, shows feature overlaps with Kazuar, a .NET backdoor tentatively linked to the Russian Turla hacking group. Turla (aka VENOMOUS BEAR and Waterbug) has been coordinating information theft and espionage campaigns as far back as 1996 and is the main suspect behind attacks targeting the Pentagon and NASA, the U.S…. Read more »

APT Hackers Exploit Autodesk 3ds Max Software for Industrial Espionage

Posted by & filed under Ειδοποιήσεις.

It’s one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it’s an entirely different matter when they are used as “hackers for hire” by competing private companies to make away with confidential information. Bitdefender’s Cyber Threat Intelligence Lab discovered yet another instance of an espionage attack targeting an… Read more »

Chinese Rancor APT Refreshes Malware Kit for Espionage Attacks

Posted by & filed under Ειδοποιήσεις.

A Chinese-linked hacking group deployed a new malware strain dubbed Dudell as part of attacks targeting Cambodian government organizations between December 2018 and January 2019. The threat group tracked as Rancor by Palo Alto Networks’ Unit 42 is known to have operated highly-targeted cyber-espionage campaigns against other targets from South East Asia, including but not limited… Read more »

Turla Espionage Group Hacks OilRig APT Infrastructure

Posted by & filed under Ειδοποιήσεις.

Security researchers tracking activities of various nation-state cyber-espionage groups found evidence suggesting that the Turla group hijacked the infrastructure of OilRig hackers to compromise a target both actors were interested in. Turla is a Russian-backed advanced threat actor also known by the names Waterbug, Snake, WhiteBear, VENOMOUS BEAR, and Kypton. It focuses on cyber-espionage, with… Read more »