The cyber security expert Marco Ramilli analyzed it to match the clues and find out whether Iranian state-sponsored hackers are behind the operation. Some clues say yes, others diverge.
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows a Matryoshka structure that chains SFX archives, typical of APT implants, and uses a legitimate third-party RAT as the payload.
Palo Alto cyber security experts: The APT exploited a recently patched remote code execution vulnerability to upload a variety of tools, from Mimikatz to HyperBro.
The cyber security experts: The APT’s malicious code implements a custom protocol that allows traffic to be funneled between a source and a destination IP address.
Many leaks on Tehran’s APTs were published on three Telegram channels. ClearSky cyber security experts: They are authentic and will minimize the potential attack risks in the next few months.
Yoroi-Cybaze cyber security experts: The APT malware is the spearhead of a sophisticated cyber arsenal. It could be the tip of the iceberg of a more complex and articulated attack.
The cyber security experts: There are many similarities in TTPs, targets and purposes. The credential harvesting could be complementary to the WebMask project on DNS hijacking.
Yoroi-Cybaze cyber security experts, after an in-depth analysis, confirm: the malicious document, which contains Emotet malware, is linked to Russian hackers.
Cisco Talos cyber security experts: At least 40 organizations across 13 different countries were compromised by a state-sponsored actor that exploits DNS hijacking.
Yoroi-Cybaze cyber security experts: It contains Emotet malware and should be linked to Russian hackers. But some elements are confusing and need to be examined more deeply.