"China’s long-established cyber-threat groups have been building up a huge arsenal of resources, comprising both publicly available and customized tools, and diversifying their repertoire amid the coronavirus pandemic. Threat intelligence experts quizzed by The Daily Swig said that Chinese state-sponsored attackers are at the forefront of developing new or novel hacking techniques." Full article: https://portswigger.net/daily-swig/behind-the-great-firewall-chinese-cyber-espionage-adapts-to-post-covid-world-with-stealthier-attacks
Ransomware Gangs Publish Data Stolen from Victims who Refuse to Pay Up
As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen to rebuild their...
HBO Hacker was Part of Iran’s “Charming Kitten” Elite Cyber-Espionage Unit
Behzad Mesri, the Iranian national the US has accused of hacking HBO this year (2017), was part of an elite Iranian cyber-espionage unit known in infosec circles as Charming Kitten, according to a report released yesterday (Dec. 5, 2017) by Israeli firm ClearSky Cybersecurity. "(Also) Known as an APT (Advanced Persistent Threat) 35, this group...
Another Early Report on Iranian Hacker Group “Rocket Kitten”
"Since mid-2014, a group of attackers was observed by different computer security professionals, including Trend Micro and ClearSky. We have documented some of their moves. The set of targeted attack campaigns have been dubbed “Rocket Kitten” and the perpetrators as the “Rocket Kitten Group.” Additional sources indicate that the group may have been active as...
Early Report on Iranian Hacker Group “Rocket Kitten”
"Since early 2014, an attacker group of Iranian origin has been actively targeting persons of interest by means of malware infection, supported by persistent spear phishing campaigns. This cyber-espionage group was dubbed ‘Rocket Kitten,’ ..." "Characterized by relatively unsophisticated technical merit and extensive use of spear phishing, the group targeted individuals and organizations in the...
Source Code of Iranian APT34’s Cyber-Espionage Tools Leaked on Telegram
"In an incident reminiscent of the Shadow Brokers leak that exposed the NSA's hacking tools, someone has now published similar hacking tools belonging to one of Iran's elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten." "The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous...
APT34 is an Iran-Linked Hacking Group that Probes Critical Infrastructure
"FireEye researchers tracked 34 of the group's attacks on institutions in seven Middle Eastern countries between 2015 and mid-2017, but says APT 34 has been operational since at least 2014. The group appears to target financial, energy, telecommunications, and chemical companies, and FireEye says it has moderate confidence that its hackers are Iranians. They log...
Iranian Hackers Increasing Their Activity Worldwide as Part of New Cyber-Espionage Program
"Over the past two years, Iranian hackers have targeted hundreds of companies and organizations worldwide. And now it looks like they are casting an even wider net, as they specifically target sensitive political, diplomatic and military targets in the United States, Australia, and UK. Several high-profile attacks – most recently a cyber espionage attack carried...
Iran’s APT33 May Be Targeting Industrial Control Systems
"Iranian hackers have carried out some of the most disruptive acts of digital sabotage of the last decade, wiping entire computer networks in waves of cyberattacks across the Middle East and occasionally even the US. But now one of Iran's most active hacker groups appears to have shifted focus. Rather than just standard IT networks,...
Iranian Hacker Group APT33 Targets Multiple Organizations in Saudi Arabia and U.S.
"The Elfin espionage group (aka APT33) has remained highly active over the past three years, attacking at least 50 organizations in Saudi Arabia, the United States, and a range of other countries." "The group, which first became active in late 2015 or early 2016, specializes in scanning for vulnerable websites and using this to identify...