Researchers at Palo Alto Networks recently observed the DragonOK APT group adopting new tactics, techniques and procedures. China-linked cyber espionage group DragonOK is back, security experts from Palo Alto Networks have uncovered a new campaign leveraging the KHRAT remote access Trojan (RAT). The DragonOk group (also known as NetTraveler (TravNet), PlugX,

According to FireEye, the notorious Russia-linked APT28 group is behind an ongoing campaign targeting hotels in several European countries. According to FireEye, the notorious Russia-linked APT28 group (Pawn Storm, Fancy Bear, Sofacy, Sednit and Strontium) is behind an ongoing campaign targeting hotels in several European countries. The researchers observed

  According to the indictment, he’s “one of the most notorious spammers in the world.”  The Russian Piotr ‘Severa’ Levashov, who has been arrested in a joint action by the Spanish and American authorities while on holiday in Barcelona, ​​made a mistake that could end up being very costly: he used the same credentials for hi

  The alleged hacking of the last US elections by the Russian government, the anonymous cyberattack that hit the Ukrainian power grid in 2015, the Stuxnet virus that sabotaged the Iranian nuclear program in 2010 — such events serve as a reminder that the next form of international conflict will be heavily dependent on cyberweapons. William Roper, direct

National elections have become a global stage for hackers to display their virtuosity, bringing the question of cybersecurity to the forefront of the conversation. Since Barack Obama accused the Russians of meddling in 2016’s presidential election in favor of Donald Trump, several European countries have taken their own measures to avoid such cyberatta

Latvian-born hacker Alexsey Belan, a Russian citizen, has been on the FBI’s list of most wanted cybercriminals for some time. His latest misdeed was the theft of 500 million Yahoo accounts in order to spy on Russian journalists and officials from both the US government and the Kremlin itself. The Department of Justice of the United States has officiall

A new report by PwC UK and BAE Systems has revealed a sophisticated cyber campaign “of unprecedented size and scale” targeting managed IT service providers (MSPs). The campaign, dubbed Operation Cloud Hopper, was motivated by espionage and information gathering, as evidenced by the attackers’ choice of high value and low profile targets. The authors of the r

Evgeniy M. Bogachev is in his early thirties and lives a comfortable life among his collection of luxury cars in a small resort city on the shores of the Black Sea. He is the most-wanted cybercriminal in the world, and the FBI is offering 3 million dollars for his capture. The US accuses Bogachev of having created a global botnet composed of infected compute

The China-linked DragonOK continues updating tools and tactics and targeted entities in various countries, including Russia and Tibet. It was September 2014, when security researchers at FireEye spotted for the first time the cyber espionage activities of a Chinese state-sponsored group dubbed DragonOK. At the time, FireEye discovered two hacking campaigns c

A remote access Trojan used sparingly in targeted attacks has been found after living under cover for three years, undetected by most security gear.The RAT, dubbed GlassRAT, was signed with a certificate belonging to a popular Chinese software company with hundreds of millions of users worldwide. The RAT was used to spy on Chinese nationals working in commer

Symantec revealed the existence of 49 new modules of the Regin espionage platform, a circumstance that suggests that its operators are still active. In November 2014, security experts at Symantec have uncovered the backdoor Regin, a highly advanced spying tool used in cyber espionage campaigns against governments and infrastru

Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What is

The espionage gang behind the MiniDuke backdoor uncovered by Kaspersky Lab and CrySys Lab in 2013 has surfaced again with a new backdoor and attack platform that is used sparingly against only high-value targets.The new data theft tool, called Hammertoss, is a study not only in espionage capabilities, but also stealth and targeting. It’s been found so

Malware writers aren’t hesitant to do what it takes to protect a campaign and keep it hidden from detection technologies and security researchers.The group behind the Stegoloader malware, disclosed Monday by researchers at Dell SecureWorks, has taken to digital steganography to keep its information-stealing code from being seen. Once having compromised

The 2015 Verizon Data Breach Investigations Report (DBIR) did some mythbusting on two fronts: the estimated cost per record lost in a breach is much lower than reported elsewhere; and mobile malware is a no-go.The DBIR is Verizon’s annual data dump collected from breaches it has investigated, along with contributed data from 70 of its partners. Now in