Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
Threat actors exploited a vulnerability in the popular 3D computer graphics Autodesk software in order to launch a recent cyber-espionage attack against an international architectural and video production company. Researchers said that further analysis of the attack points to a sophisticated,...
Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware
Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has...
Source Code for CARBANAK Banking Malware Found On VirusTotal
Security researchers have discovered the full source code of the Carbanak malware—yes, this time it's for real. Carbanak—sometimes referred to as FIN7, Anunak or Cobalt—is one of the most full-featured, dangerous pieces of malware, and it belongs to an APT-style cybercriminal group involved in several attacks...
Attacks Against Critical Infrastructure Seek Operational Intel
In most critical industries—petroleum refineries or energy utilities, for example—there is very little in the way of proprietary information. Refining crude oil into gasoline requires science, not a secret sauce. Same goes for power generation. So why are advanced attackers using the same data...
Regin Cyberespionage Malware Platform Modules Disclosed
The Regin malware platform used to steal secrets from government agencies, banks and GSM network operators caught the attention of security experts who called it one of the most advanced attack platforms that has been studied, surpassing Flame, Duqu, even Stuxnet. Researchers at Kaspersky Lab sai...
Regin Cyberespionage Malware Platform Targets GSM Networks
Researchers have uncovered a complex espionage platform reminiscent of Duqu that has been used since at least 2008 not only to spy on and extract email and documents from government agencies, research institutions and banks, but also one that targets GSM network operators in order to launch...
Automated Attack, Threat Intelligence Sharing Sought
BOSTON – If you’re looking for tangible information sharing success stories around attack intelligence, some might point to the prompt publishing of indicators of compromise (IOC) as an example. Security and forensics companies will publish MD5 hashes of malware, IP addresses involved in attacks,...
Icefog Targeted APT Attacks Hit South Korea, Japan
An espionage campaign featuring precise targeting of victims and malware that allows the attackers one-on-one interaction with compromised systems has been uncovered. Government agencies, manufacturers, high tech companies and media organizations in South Korea and Japan have been the primary...
Watering-Hole Attack Compromises Key Tibetan Site
In what has become a familiar scenario over the last couple of years, attackers have compromised a key Tibetan web site and loaded it with code that redirects some users to a third-party site that installs an APT-style backdoor. The attack has hit the Web site of the Central Tibetan Administratio...
njRAT Attacks Spike Against Middle East High-Value Targets
Government agencies, telecom and energy organizations in the Middle East are being targeted by espionage malware known as njRAT. The remote access Trojan is thorough in its data-stealing capabilities. Beyond dropping a keylogger, variants are capable of accessing a computer’s camera, stealing...
Stolen Opera Code-Signing Certificate Used to Sign Malware
Opera Software said it was able to contain the impact of a security breach that resulted in the theft of an expired code-signing certificate used to sign malware distributed to Windows users during a 36-minute stretch on June 19. Opera developer Sigbjorn Vik said the browser maker was victimized ...
Chinese Hackers targeting American Drones under Operation Beebus
FireEye experts have been tracking the Operation Beebus campaign for a few months now, and now the same gang of hackers is being blamed for a set of recently discovered spear-phishing attacks that aim to steal information related to American drones. These attacks exploited previously discovered...
Comment Crew's Operation Beebus Stealing Drone Tech
FireEye experts have been tracking the Operation Beebus campaign for a few months now, and their latest research suggests that whoever is responsible for the attacks is ultimately interested in stealing drone technology-related secrets. Operation Beebus is an APT-style attack campaign targeting...
Tallinn Manual Interprets International Law in Cyberwar Context
When nations eventually adopt ground rules for conflict in cyberspace as they apply in an actual kinetic war, the Tallinn Manual on the International Law Applicable to Cyber Warfare is likely to be their key reference material in doing so. The Tallinn Manual, officially released late last week, ...
Inside the Targeted Attack on The New York Times
The Chinese group behind the targeted attack on the New York Times was laser focused on accessing the email of a reporter and the newspaper’s former Beijing bureau chief to the point that it used an inordinate number of custom malware samples to get the job done. “In terms of statistics, 45 custo...
Spear Phishing Remains Preferred Point of Entry in Targeted, Persistent Attacks
Persistent targeted attacks against the government, financial services, manufacturing and critical infrastructure take on many characteristics. Attackers can have different backgrounds and motivations, and the tools they use can range from commodity malware to zero-day exploits. One characteristi...
What's the Meaning of This: Adobe Certificate Attack
The news yesterday that Adobe had been compromised and that the attackers were able to get valid Adobe signatures on a pair of malware utilities is one of the more worrisome and troubling stories in what has become a year of huge hacks and historic change in the security industry. Adobe was...
Large-Scale Water Holing Attack Campaigns Hitting Key Targets
A new APT-style espionage campaign launched this summer targeting organizations tied to financial services, government agencies and the defense industry used a technique dubbed water holing to entice victims and silently redirect them to sites hosting zero-day exploits. Researchers at RSA Securit...
Months After A Patch, Targeted Attacks Still Using Adobe Flash Bug
More than three months after it was patched, attackers are still using a vulnerability in Adobe’s Flash product in targeted, ‘APT-style’ attacks. The vulnerability, identified as CVE-2012-0754, was patched in February and linked to targeted attacks weeks later. But new attacks targeting unpatched...