Tag: APT

China's government appears to be suppressing information on serious, exploitable security vulnerabilities in software, a study by Recorded Future found.

China delays notification of software holes targeted in state hacks

China is doing a better job finding and disclosing information on software security holes…except when those vulnerabilities are high risk and might be used in targeted attacks. That, according to a report out Thursday by the firm Recorded Future.

There are warnings from the DHS and FBI about a North Korean cyber operation dubbed Hidden Cobra.

US Government Warns of Hidden Cobra North Korea Cyber Threat

A Department of Homeland Security (DHS) Alert released on Tuesday warns the public about a campaign of hacking by the government of North Korea it has code-named “Hidden Cobra.”

North Korean hackers have been targeting US defense firms in search of information on weapons systems, according to multiple sources.

Exclusive: Eye on Weapons Systems, North Korean Hackers target US Defense Contractors

North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger has learned.

OceanLotus, an advanced threat group believed to be operating out of Vietnam, is alleged to have targeted ASEAN and other civil society groups.

Report details mass digital surveillance, attacks on ASEAN linked to Vietnamese APT group

The security firm Volexity reported on Monday that it uncovered a massive campaign of digital surveillance and web-based attacks directed at ASEAN and other civil society groups in Vietnam, Cambodia and other countries, including ASEAN, the Association of Southeast Asian Nations. Volexity researchers discovered malicious code lurking on main website for ASEAN and more than 80 other websites, many belonging to small media, human rights and civil society organizations, as well as individuals who had been critical of the Vietnamese government. The malicious code allowed the hacking group, dubbed OceanLotus, to track, profile and target visitors to the websites, Volexity said. The scope of the campaign was one of the largest the researchers have ever come across, rivaling the so-called “Waterbug” campaign of phishing and watering hole attacks that was described by the security firm Symantec in 2016. Links to Vietnam OceanLotus is believed to be an Advanced Persistent Threat (or […]

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.