Security firm revealed that China-linked APT group Turbine Panda conducted cyber-espionage operations aimed at various aerospace firms for years. Security researchers at Crowdstrike conducted long-running cyber-espionage operations aimed at various aerospace firms. According to the experts the cyber espionage operations begun in January 2010, after the st

The United States Department of Justice has gathered evidence to charge at least six Russian government officials involved in the 2016 DNC hack. The United States Department of Justice has gathered evidence to charge at least six Russian government officials involved in the DNC hack during the 2016 Presidential election. In the past months, US intelligence b

Mozilla would remove the Dutch CA, the CA of the Staat de Nederlanden, from its trust list due to the new national legal framework. The Dutch Information and Security Services Act will come into force in January 2018 and one of the main effects of the new legal framework is that country’s certificate authority, CA of the Staat de Nederlanden, could be

UK Government blamed North Korea for the WannaCry attack that affected a third of English hospitals. “This attack, we believe quite strongly that it came from a foreign state,” Ben Wallace, a junior minister for security, told BBC Radio 4’s Today programme. “North Korea was the state that we believe was involved in this worldwide atta

According to Kaspersky, the PC was hacked after the NSA employee installed a backdoored key generator for a pirated copy of Microsoft Office. More details emerge from the story of the hack of the Kaspersky antivirus that allowed Russian intelligence to stole secret exploits from the personal PC of the NSA staffer. The PC was hacked after the NSA employee ins

Canada’s Communications Security Establishment (CSE) intel agency has released the source code for one of its malware analysis tools dubbed Assemblyline. The Canada’s Communications Security Establishment (CSE) intelligence agency has released the source code for one of its malware detection and analysis tools dubbed Assemblyline. The Assemblyline tool is wr

An NSA leaked document about the BADDECISION hacking tool raises the doubt about National Security Agency knew the Krack attack since 2010. Security experts are questioning the NSA about the recently disclosed Krack attack the allows an attacker to decrypt information included in protected WPA2 traffic. Security experts believe that the National Security Age

Russian hackers allegedly exploited Kaspersky AV to hack into NSA contractor and steal the NSA exploit code. It complicates Kaspersky’s position. Anonymous sources have claimed Russian intelligence extracted NSA exploits from a US government contractor’s home PC using Kaspersky Lab software. Sources told the Wall Street Journal that a malicious c

Evidence that Russian hackers attempted to interfere with the 2016 US Election continues to pile up, DHS notified states whose systems were hit by APTs. Evidence that Russia attempted to interfere with the 2016 US Election continues to pile up. Rumours started almost as soon as the 2016 US Election was completed, individuals with the White House have been qu

Security researchers at ESET have uncovered a surveillance campaign using a new variant of FinFisher spyware, also known as FinSpy. Finfisher infected victims in seven countries and experts believe that in two of them the major internet providers have been involved. “New surveillance campaigns utilizing FinFisher, infamous spyware known also as FinSpy

Wikileaks releases a new batch of documents that claim to detail the Russia mass surveillance apparatus implemented with the help of firm Peter-Service. Wikileaks has released a batch of documents, dubbed Spy File Russia, that detail the surveillance infrastructure implemented by Russia. The Kremlin’s surveillance apparatus allows the Russian agencies

I published the following diary on isc.sans.org: “Getting some intelligence from malspam“. Many of us are receiving a lot of malspam every day. By “malspam”, I mean spam messages that contain a malicious document. This is one of the classic infection vectors today and aggressive campaigns are started every week. Usually, most of them

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and Iranian nationals for malicious cyber-enabled activity. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned 11 entities and individuals for malicious cyber-enabled activity. US Dept. of Treasury announced sanctions

The US Department of Homeland security banned government agencies for using software products developed by Kaspersky Lab Bad news for security firm Kaspersky, the US Department of Homeland security banned government agencies for using software products developed by Kaspersky Labs. The ban was the response to the concerns about possible ties between Kaspersky

WikiLeaks has published a new batch of documents that details the Project Protego, a secret CIA Missile Control System Project for fighters Another week, another batch of CIA Vault7 leaks was published by Wikileaks. This time the documents provide details about the Project Protego, a CIA Secret Missile Control System. WikiLeaks published four secret docume