Security News

tRat Emerges as New Pet for APT Group TA505
2018-11-15 22:53

The modular malware seems to be in a testing phase, but TA505's interest made researchers take note.

APT Group Uses Windows Zero-Day in Middle East Attacks
2018-11-14 07:14

A Windows zero-day vulnerability addressed this week by Microsoft with its November 2018 Patch Tuesday updates has been exploited by an advanced persistent threat (APT) group in attacks aimed at...

NOKKI Malware Sports Mysterious Link to Reaper APT Group
2018-10-02 19:23

The relationship between the malware and the APT group remains somewhat murky.

A Closer Look at APT Group Sofacy’s Latest Targets
2018-03-23 15:52

Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang.

APT Group Uses Catfish Technique To Ensnare Victims (Threatpost)
2017-07-27 14:00

APT Cobalt Gypsy, or OilRig, used a fake persona called "Mia Ash" to ensnare tech-savvy workers in the oil and gas industry into downloading PupyRAT malware.

Microsoft Says Russian APT Group Behind Zero-Day Attacks (Threatpost)
2016-11-01 21:50

Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero-day vulnerabilities in targeted attacks.

FruityArmor APT Group Used Recently Patched Windows Zero Day (Threatpost)
2016-10-20 11:00

The FruityArmor APT group was using one of the Windows zero days patched by Microsoft last week to escape sandboxes and carry out targeted attacks.

FruityArmor APT Group Used Windows Zero Day to Escape Sandboxes (Threatpost)
2016-10-19 11:00

The FruityArmor APT group was using one of the Windows zero days patched by Microsoft last week to escape sandboxes and carry out targeted attacks.

Remote Butler attack: APT groups’ dream come true (Help Net Security)
2016-08-08 18:55

Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full disk encryption: “Remote...