Security News
The cyberspy group's activities are broader than originally thought.
The group is using malicious versions of WinRAR and other legitimate software packages to infect targets, likely via watering-hole attacks.
A dropper called “Topinambour" is the first-stage implant, which in turn fetches a spy trojan built in several coding languages.
Cymulate's Tim Ager Discusses Data Breach Prevention in the Age of Advanced AttacksWith the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on...
The Russian-speaking APT acts as a support group for high-profile APTs like Sofacy and BlackEnergy.
Researchers: New 'BlackWater' Campaign Shows Changes in Tactics, Techniques, ProceduresMuddyWater, an advanced persistent threat group that has targeted organizations in the Middle East, has...
Kaspersky Lab Says Korean-Speaking Group Expanding Its ArsenalScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is...
In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT.
Researchers Describe What They've Learned From Data DumpDespite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to...
The attack group shows a moderate level of sophistication, but the stage is set for MuddyWater to take things to the next level.