CERT alerts Information about The Ghost Dragon APT group Cylance SPEAR™ has identified an APT group which deploys multiple customized malware implants, targeting mainly Chinese and Russian users.
CERT alerts Information about a cyber-attack facilitator in the Netherlands A small web hosting provider with servers in the Netherlands and Romania has been a hotbed of targeted attacks and advanced persistent threats (APT) since early 2015. Starting from May 2015 till today we counted over 100 serious cyber attacks that originated from servers of this small provider.
Microsoft MS Security Bulletin Summary april 2016 This bulletin summary lists security bulletins released for April 2016.
Symantec Symantec Internet Security Threat Report 2016 Symantec discovered more than 430 million new unique pieces of malware in2015, up 36 percent from the year before. Perhaps what is most remarkableis that these numbers no longer surprise us.
CERT alerts Information about Suckfly, a China-based APT group that uses stolen codesigning certificates While code-signing certificates can offer more security, they can also live an unintended secret life providing cover for attack groups, such as the Suckfly APT group.
CERT alerts Information about a longrunning espionage campaign against the Tibetan community This report describes the latest iteration in a longrunning espionage campaign against the Tibetan community.
Microsoft MS Security Bulletin Summary march 2016 This bulletin summary lists security bulletins released for March 2016.
McAfee Report march 2016 The full force of winter is upon us—at least those of us in the Northern Hemisphere—and it is clear that the bad guys have been keeping themselves very busy while stuck indoors.
CERT alerts Information about operation DustStorm an APT against numerous major industries across Japan , South-Korea, US, Europe and several Southeast Asian countries Cylance SPEAR has uncovered a long-standing persistent threat targeting numerous major industries spread across Japan, South Korea, the UnitedStates, Europe, and several other Southeast Asian countries.
CERT alerts Information about the Posseidon Group targeted attack against different companies During the latter part of 2015, Kaspersky researchers from GReAT (Global Research and Analysis Team) got hold of the missing pieces of an intricate puzzle that points to the dawn of the first Portuguesespeaking targeted attack group, named “Poseidon.”
CERT alerts Information about attack on French Diplomat We observed a targeted attack in November directed at an individual working for the French Ministry of Foreign Affairs. The attack involved a spearphishing email sent to a single French diplomat based in Taipei, Taiwan and contained an invitation to a Science and Technology support group event.
CERT alerts Changelog of Emissary trojan In December 2015, Unit 42 published a blog about a cyber espionage attack using the Emissary Trojan as a payload. Emissary is related to the Elise Trojan and the Operation Lotus Blossom attack campaign, which prompted us to start collecting additional samples of Emissary.
Microsoft MS Security Bulletin Summary february 2016 This bulletin summary lists security bulletins released for February 2016.
CERT alerts Infomation about BlackEnergy APT employspearfishing with Word documents Late last year, a wave of cyberattacks hit several critical sectors in Ukraine. Widely discussed in the media, the attacks took advantage of known BlackEnergy Trojans as well as several new modules.
CERT alerts A paper about malwares and sandbox analysis Malware sandboxes are automated dynamic analysis systems that execute programs in a controlled environment. Within the large volumes of samples submitted daily to these services, some submissions appear to be different from others and show interesting characteristics.
CERT alerts Information about BlackEnergy trojan, targeting Ukrainian new media and electric industry The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and has made a comeback in 2014 (see our previous blog posts on Back in BlackEnergy
Microsoft MS Security Bulletin Summary january 2016 This bulletin summary lists security bulletins released for January 2016.
FireEye What about the plant floor? - six key weaknesses that an adversary can use to undermine a plant’s operation Industrial enterprises including electric utilities, petroleum companies, and manufacturing organizations invest heavily in industrial control systems (ICS) to efficiently, reliably, and safely operate industrial processes.
CISCO Cisco Annual Security Report 2016 The Cisco 2016 Annual Security Report—which presents research, insights, and perspectives from Cisco Security Research—highlights the challenges that defenders face in detecting and blocking attackers who employ a rich and ever-changing arsenal of tools
