Austria’s foreign ministry announced that the cyber attack against its systems, allegedly carried by a state actor has ended. Earlier January, Austria’s foreign ministry announced it was facing a “serious cyberattack” and that it could be the work of a nation-state actor. “Due to the gravity and nature of the attack, it cannot be ruled out that

Japanese defense contractors Pasco and Kobe Steel have disclosed security breaches that they have suffered back in 2016 and 2018. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers. Just last week, Japan’s Ministry of Defense announced in addition to Mitsubishi Electric and the NEC defense business division

Kaspersky Security Bulletin 2019. Advanced threat predictions for 2020 Cybersecurity of connected healthcare 2020: Overview and predictions 5G technology predictions 2020 Cyberthreats to financial institutions 2020: Overview and predictions Moving to the cloud The popularity of cloud services is growing, and threat actors are here to exploit the trend. We

RevengeHotels is a targeted cybercrime malware campaign against hotels, hostels, hospitality and tourism companies, mainly, but not exclusively, located in Brazil. We have confirmed more than 20 hotels that are victims of the group, located in eight states in Brazil, but also in other countries such as Argentina, Bolivia, Chile, Costa Rica, France, Italy, Me

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this

The 5G telecommunications revolution is imminent. It is the next generation of cellular network, making use of the existing 4G LTE in addition to opening up the millimeter wave band. 5G will be able to welcome more network-connected devices and increase speeds considerably for users. It will serve as the foundation for advanced services, including: 8k strea

In April 2017, ShadowBrokers published their well-known ‘Lost in Translation’ leak, which, among other things, contained an interesting script that checked for traces of other APTs in the compromised system. In 2018, we found an APT described as the 27th function of this script, which we call ‘DarkUniverse’. This APT was active for a

Targeted attacks and malware campaigns More about ShadowHammer In March, we published the results of our investigation into a sophisticated supply-chain attack involving the ASUS Live Update Utility, used to deliver BIOS, UEFI and software updates to ASUS laptops and desktops. The attackers added a backdoor to the utility and then distributed it to users thr

Russian cyber espionage group APT28 targeted individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Researchers with Cisco Talos have spotted a Russian cyber espionage group targeting individuals with spear-phishing messages using documents referencing a NATO cybersecurity conference. Experts attributed the atta

The APT28 group is trying to exploit the CVE-2017-11292 Flash zero-day before users receive patches or update their systems. Security experts at Proofpoint collected evidence of several malware campaigns, powered by the Russian APT28 group, that rely on a Flash zero-day vulnerability that Adobe patched earlier this week. According to the experts who observed

An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Age

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c

The CSE CybSec Z-Lab Malware Lab analyzed the Hospitality malware used by the Russian APT28 group to target hotels in several European countries. The Russian hacker group APT28, also known as Sofacy or Fancy Bear, is believed to be behind a series of attacks in last July against travelers staying in hotels in Europe and Middle East. This attack is performed

The threat actor that recently compromised the supply chain of the CCleaner software targeted at least 20 tech firms with a second-stage malware. The threat actor that recently compromised the supply chain of the CCleaner software to distribute a tainted version of the popular software targeted at least 20 major international technology firms with a second-

The Iran-linked APT33 group has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. According to security firm FireEye, a cyber espionage group linked to the Iranian Government, dubbed APT33, has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. The APT33