Operation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.
The post Operation Potao Express: Analysis of a cyber-espionage toolkit appeared first on We Live Security.
Tag Archives: apt
New Hammertoss Espionage Tool Tied to MiniDuke Gang
Hammertoss, a backdoor uncovered by researchers at FireEye, combines many previous communication venues used by APT29, a espionage outfit linked to the Russian government.
APT Group Exploiting Hacking Team Flash Zero Day
Security company Volexity said that the Wekby APT group, allegedly responsible for hitting Community Health Systems last year, is using the Hacking Team Flash Player zero-day exploit.
Emergency Adobe Flash Patch Fixes Zero Day Under Attack
Adobe released an emergency patch for a Flash zero day used in targeted attacks by APT3, the same group behind 2014’s Clandestine Fox attacks.
New APT Duqu 2.0 Hits High-Value Victims, Including Kaspersky Lab
The Duqu attackers, who are considered by researchers to be at the top of the food chain of APT groups and are responsible for attacking certificate authorities and perhaps spying on Iran’s nuclear program, have resurfaced with a new platform that was used to compromise high-profile victims, including some related to the Iran nuclear talks […]
APT Group Embeds Command and Control Data on TechNet Pages
The so-called Deputy Dog APT group has surfaced again with a means of keeping its command and control servers under wraps that involves Microsoft’s TechNet online resources.
Hotel Internet Gateways Patched Against Remote Exploit
A critical vulnerability in a popular hotel and convention center Internet gateway from AntLabs called InnGate has been patched. The flaw allows attackers read and write access to the devices from the Internet.
Equation APT Group Attack Platform A Study in Stealth
The EquationDrug cyberespionage platform is a complicated system that is used selectively against only certain target machines, one that can be extended via a collection of 116 malware plug-ins, researchers at Kaspersky Lab said.
New Analytics Tool Defines Language Used By Malicious Domains
OpenDNS went public with a new analytics tool that can be used to detect malicious domains used in APT and cybercrime campaigns.
Female Skype Avatar Sinks Syria Opposition Fighters
A cyberespionage campaign pulled off by pro-Syrian hackers against Assad opposition fighters used social engineering to steal military planning documents.