APT41’s new campaign is the latest to highlight a trend among Chinese threat groups of attacking upstream service providers as a way to reach their intended targets, FireEye says. APT41, a Chinese hacking group known for its prolific state-sponsored espionage campaigns, has begun targeting telecommunications companies with new malware designed to monitor and save SMS traffic from
Author: Dell SecureWorks Counter Threat Unit™ Threat Intelligence. Date: 07 October 2015. Summary: While tracking a suspected Iran-based threat group known as Threat Group-2889 (TG-2889), Dell SecureWorks Counter Threat Unit™ (CTU) researchers uncovered a network of fake LinkedIn profiles. These convincing profiles form a self-referenced network of seemingly established LinkedIn users. CTU researchers assess with
Their findings demonstrate how Group 4 is likely conducting server-side skimming in addition to client-side activity. Security researchers have discovered a link between Magecart Group 4 and Cobalt Group, a well-known, financially motivated group in operation since 2015. Findings indicate Group 4 is not only conducting client-side skimming but was, and likely still is, doing
The West African cybergang has successfully infiltrated more than 500 companies using a tactic dubbed ‘vendor email compromise.’ A new West African cybercriminal group is targeting vendors with a technique called “vendor email compromise,” which it has used to successfully compromise more than 700 employee email accounts at more than 500 companies in at least
Cobalt Dickens targeted more than 60 universities in the US and elsewhere this summer, according to a new report. Cobalt Dickens, a threat group that the US has accused of working on behalf of the Iranian government, has launched a large global phishing campaign aimed at students, faculty, and staff at dozens of universities. The
APT3 quietly monitored an NSA attack on its systems and used the information to build a weapon of its own. Chinese threat actor APT3 quietly monitored the US National Security Agency’s use of a highly sophisticated cyber attack tool and then reverse engineered the code to build an advanced Trojan of its own called Bemstour.
Researchers report Lyceum, otherwise known as Hexane, has targeted organizations in South Africa and the Middle East. Newly discovered threat group Lyceum has been spotted attacking critical infrastructure firms in the oil and gas, and possibly telecommunications, industries with the goal of gaining and expanding access inside target networks, Secureworks’ Counter Threat Unit researchers report.
Over the past year, the financial damage linked to the Russian-speaking threat group has spiked fivefold, Group-IB says. The Russian-language-speaking Silence APT group appears to be evolving into a major threat to banks and financial institutions everywhere, but especially so in Asia, Europe, Russia, and the former Soviet Union states. Singapore-based security firm Group-IB, which
Microsoft spotted Strontium, also known as APT28 or Fancy Bear, using IoT devices to breach businesses and seek high-value data. Microsoft reports Russian state-sponsored attack group Strontium, also known as APT28 and Fancy Bear, is using popular Internet of Things devices to breach enterprise networks and elevate privileges. Back in April, researchers with the Microsoft
Data from an intrusion last year suggests Iron Liberty group may have a new trick up its sleeve, Secureworks says. Iron Liberty, a Russia-based cyber espionage group known for targeting energy, nuclear, and defense organizations worldwide, may have developed a dangerous new technique called a “man-on-the-side” attack. Secureworks warned about the new threat in