HackDig : Dig high-quality web security articles for hacker

Operation AppleJeus Sequel

The Lazarus group is currently one of the most active and prolific APT actors. In 2018, Kaspersky published a report on one of their campaigns, named Operation AppleJeus. Notably, this operation marked the first time Lazarus had targeted macOS users, with the group inventing a fake company in order to deliver their manipulated application and exploit the hig
Publish At:2020-01-08 06:05 | Read:142 | Comments:0 | Tags:APT reports Featured Apple MacOS Cryptocurrencies Lazarus Ma

OilRig’s Poison Frog – old samples, same trick

After we wrote our private report on the OilRig leak, we decided to scan our archives with our YARA rule, to hunt for new and older samples. Aside from finding some new samples, we believe we also succeeded in finding some of the first Poison Frog samples. Poison Frog We’re not quite sure whether the name Poison Frog is the name given to the backdoor b
Publish At:2019-12-17 13:05 | Read:282 | Comments:0 | Tags:APT reports APT Backdoor Malware Descriptions PowerShell

RevengeHotels: cybercrime targeting hotel front desks worldwide

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group, located in eight states in Brazil, but also in other countries such as Argentina, Bolivia, Chile, Costa Rica, France, Italy, Me
Publish At:2019-11-30 13:05 | Read:442 | Comments:0 | Tags:APT reports Featured Brazil Cyber espionage RAT Trojan Spear

DarkUniverse – the mysterious APT framework #27

In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. This APT was active for a
Publish At:2019-11-12 01:05 | Read:406 | Comments:0 | Tags:APT reports Featured Cyber espionage Microsoft Office Shadow

Titanium: the Platinum group strikes again

Platinum is one of the most technologically advanced APT actors with a traditional focus on the APAC region. During recent analysis we discovered Platinum using a new backdoor that we call Titanium (named after a password to one of the self-executable archives). Titanium is the final result of a sequence of dropping, downloading and installing stages. The ma
Publish At:2019-11-12 01:05 | Read:498 | Comments:0 | Tags:APT reports Featured Backdoor fileless malware Malware Descr

APT trends report Q3 2019

For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They a
Publish At:2019-10-16 06:25 | Read:447 | Comments:0 | Tags:APT reports Featured Apple iOS APT Browser Chinese-speaking

COMpfun successor Reductor infects files on the fly to compromise TLS traffic

In April 2019, we discovered new malware that compromises encrypted web communications in an impressive way. Analysis of the malware allowed us to confirm that the operators have some control over the target’s network channel and could replace legitimate installers with infected ones on the fly. That places the actor in a very exclusive club, with capa
Publish At:2019-10-03 07:00 | Read:652 | Comments:0 | Tags:APT reports Featured Browser Digital Certificates Encryption

Gaza Cybergang – updated activity in 2017:

1. Summary information The Gaza cybergang is an Arabic-language, politically-motivated cybercriminal group, operating since 2012 and actively targeting the MENA (Middle East North Africa) region. The Gaza cybergang’s attacks have never slowed down and its typical targets include government entities/embassies, oil and gas, media/press, activists, politi
Publish At:2017-10-30 15:55 | Read:4525 | Comments:0 | Tags:APT reports APT Arabic Malware Macros Mobile Malware Targete
