CrowdStrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery of two customer support incidents that they believe may be related to the Sunburst malware being deployed on…

Hackers breached German government’s secure computer networks

The Russia-linked Sofacy hacking group has breached the secure computer networks of a number of German federal agencies. The group – also known as APT28, Fancy Bear, and Pawn Storm – has been targeting government institutions, political organizations and military/defense companies around the world for over a decade. Confirmation of the breach: The confirmation of…

Top digital transformation challenges? Cybercrime and espionage

In Frost & Sullivan’s recent survey covering end-user perspectives on navigating digital transformation, 54 per cent of IT professionals cited cybercrime and espionage as their top challenges, followed by systems integration. Other noteworthy findings include significant IT investment in productivity, improving digital presence, as well as communications/collaboration tool integration with other business software (Microsoft Office, Google G Suite,…

Russian Hackers Exploit Recently Patched Flash Vulnerability

The Russia-linked cyber espionage group known as APT28 has been using a recently patched Adobe Flash Player vulnerability in attacks aimed at government organizations and aerospace companies, security firm Proofpoint reported on Thursday. The Flash Player flaw in question, CVE-2017-11292, was patched by Adobe on October 16. At the time when the patch was released, the…

Iranian Hackers Target Aerospace, Energy Companies

A cyber espionage group linked by security researchers to the Iranian government has been observed targeting aerospace and energy organizations in the United States, Saudi Arabia and South Korea. The threat actor, tracked by FireEye as APT33, is believed to have been around since at least 2013. Since mid-2016, the security firm has spotted attacks…

Turla gets ready to target Mac users

The cyber espionage group deploying the Turla (aka Snake, Uroburos, or Agent.BTZ) malware framework is expected to be able to target Mac users soon. The APT group: The group, which security researchers named after the tool, has been operating for years, and was first spotted targeting computers running Windows, then later also Linux users….

Cybercrime can come in any shape or size, and not always the form you’d expect

Cyberespionage is now the most common type of attack seen in manufacturing, the public sector and now education, warns the Verizon 2017 Data Breach Investigations Report. Much of this is due to the high proliferation of proprietary research, prototypes and confidential personal data, which are hot-ticket items for cybercriminals. Nearly 2,000 breaches were analyzed in…

Leaked docs suggest NSA and CIA behind Equation cyberespionage group

Purported CIA documents leaked Tuesday appear to confirm that the U.S. National Security Agency and one of CIA’s own divisions were responsible for the malware tools and operations attributed to a group that security researchers have dubbed the Equation. The Equation’s cyberespionage activities were documented in February 2015 by researchers from antivirus vendor Kaspersky Lab….