Researchers Link Magecart Group 4 to Cobalt Group

Their findings demonstrate how Group 4 is likely conducting server-side skimming in addition to client-side activity. Security researchers have discovered a link between Magecart Group 4 and Cobalt Group, a well-known, financially motivated group in operation since 2015. Findings indicate Group 4 is not only conducting client-side skimming but was, and likely still is, doing
Read more
1 Comment

New Silent Starling Attack Group Puts Spin on BEC

The West African cybergang has successfully infiltrated more than 500 companies using a tactic dubbed ‘vendor email compromise.’ A new West African cybercriminal group is targeting vendors with a technique called “vendor email compromise,” which it has used to successfully compromise more than 700 employee email accounts at more than 500 companies in at least
Read more
1 Comment

Indictments Do Little to Stop Iranian Group from …

Cobalt Dickens targeted more than 60 universities in the US and elsewhere this summer, according to a new report. Cobalt Dickens, a threat group that the US has accused of working on behalf of the Iranian government, has launched a large global phishing campaign aimed at students, faculty, and staff at dozens of universities. The
Read more
1 Comment

Chinese Group Built Advanced Trojan by Reverse …

APT3 quietly monitored an NSA attack on its systems and used the information to build a weapon of its own. Chinese threat actor APT3 quietly monitored the US National Security Agency’s use of a highly sophisticated cyber attack tool and then reverse engineered the code to build an advanced Trojan of its own called Bemstour.
Read more
1 Comment

New ‘Lyceum’ Threat Group Eyes Critical Infrastructure

Researchers report Lyceum, otherwise known as Hexane, has targeted organizations in South Africa and the Middle East. Newly discovered threat group Lyceum has been spotted attacking critical infrastructure firms in the oil and gas, and possibly telecommunications, industries with the goal of gaining and expanding access inside target networks, Secureworks’ Counter Threat Unit researchers report.
Read more
33 Comments

Silence APT Group Broadens Attacks on Banks, Gets …

Over the past year, the financial damage linked to the Russian-speaking threat group has spiked fivefold, Group-IP says. The Russian-language-speaking Silence APT group appears to be evolving into a major threat to banks and financial institutions everywhere, but especially so in Asia, Europe, Russia, and the former Soviet Union states. Singapore-based security firm Group-IB, which
Read more
15 Comments

Russian Attack Group Uses Phones & Printers to …

Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data. Microsoft reports Russian state-sponsored attack group Strontium, also known as APT28 and Fancy Bear, is using popular Internet of Things devices to breach enterprise networks and elevate privileges. Back in April, researchers with the Microsoft
Read more
39 Comments

Russian Threat Group May Have Devised a …

Data from an intrusion last year suggests Iron Liberty group may have a new trick up its sleeve, Secureworks says. Iron Liberty, a Russia-based cyber espionage group known for targeting energy, nuclear, and defense organizations worldwide, may have developed a dangerous new technique called a “man-on-the side” attack. Secureworks warned about the new threat in
Read more
19 Comments

Threat Group 4127 Targets Hillary Clinton Presidential Campaign

Author: SecureWorks Counter Threat Unit™ Threat Intelligence Date: 16 June 2016 Summary The Hillary Clinton email leak was the center of the latest scandal in the news caused by Threat Group-4127[1] (TG-4127). SecureWorks® Counter Threat Unit™ (CTU) researchers track the activities of Threat Group-4127, which targets governments, military, and international non-governmental organizations (NGOs). Components of TG-4127 operations have been
Read more
2 Comments

Evolution of the GOLD EVERGREEN Threat Group

Summary SecureWorks® Counter Threat Unit™ (CTU) researchers analyzed the evolution of GOLD EVERGREEN (also known as Business Club), an Eastern European threat group known for large-scale, financially motivated electronic crime. Over time, the threat actors have demonstrated a high level of organization, a wide range of criminal activity, and the ability to steal significant amounts
Read more
3 Comments