Security News

Kaspersky Lab Says Korean-Speaking Group Expanding Its ArsenalScarCruft, a Korean-speaking APT group that has been targeting organizations mainly in Southeast Asia over the past three years, is...

Researchers Describe What They've Learned From Data DumpDespite a doxing of its targets and tools in March, the advanced persistent threat group known as OilRig remains a significant threat to...

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts SayA set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has...

Phosphorus Group Waged Spear-Phishing Campaign, Company ReportsMicrosoft is using its legal muscle to push back against an advanced persistent threat group that is says is "widely associated with...

The modular malware seems to be in a testing phase, but TA505's interest made researchers take note.

A Windows zero-day vulnerability addressed this week by Microsoft with its November 2018 Patch Tuesday updates has been exploited by an advanced persistent threat (APT) group in attacks aimed at...

The relationship between the malware and the APT group remains somewhat murky.

Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.

APT Cobalt Gypsy or OilRig, used a fake persona called "Mia Ash" to ensnare tech-savvy workers in the oil and gas industry into downloading PupyRAT malware.

Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.