Tag Archives: cyber-espionage

Symantec Connects 40 Cyber Attacks to CIA Hacking Tools Exposed by Wikileaks

Security researchers have confirmed that the alleged CIA hacking tools recently exposed by WikiLeaks have been used against at least 40 governments and private organizations across 16 countries.

Since March, as part of its “Vault 7” series, Wikileaks has published over 8,761 documents and other confidential information that the whistleblower group claims came from the US Central Intelligence

Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits

Remember The Shadow Brokers? They are back.

A hacker group that previously claimed to have stolen a bunch of hacking tools (malware, zero-day exploits, and implants) created by the NSA, and that gained popularity last year for leaking a portion of those tools, is back.

Today, The Shadow Brokers group released more alleged hacking tools and exploits that, the group claims, belonged to “Equation

WikiLeaks Reveals CIA's Grasshopper Windows Hacking Framework

As part of its Vault 7 series of leaked documents, whistleblowing website WikiLeaks today released a new cache of 27 documents allegedly belonging to the US Central Intelligence Agency (CIA).

Named Grasshopper, the latest batch reveals a CLI-based framework developed by the CIA to build “customised malware” payloads for breaking into Microsoft’s Windows operating systems and bypassing

Widespread Email Scam Targets Github Developers with Dimnie Trojan

Open source developers who use the popular code-sharing site GitHub were put on alert after the discovery of a phishing email campaign that attempts to infect their computers with an advanced malware trojan.

Dubbed Dimnie, the reconnaissance and espionage trojan has the ability to harvest credentials, download sensitive files, take screenshots, log keystrokes on 32-bit and 64-bit

New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

Security researchers have discovered new Mac malware allegedly developed by the APT28 Russian cyber-espionage group, which is believed to be responsible for the 2016 presidential election hacking scandal.

A new variant of the X-Agent spyware, which has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices, is now targeting Apple macOS systems.

The malware is designed to

“Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling

This Tuesday, the Italian state police dismantled a cyber-espionage ring spearheaded by a brother and sister that sought to exert control over public institutions and administrations, professional studios, employers, and politicians. The network was able to access confidential information by installing a virus on victims’ computers, stealing information sensitive to financial institutions and state security.

Among those affected are former Prime Ministers Matteo Renzi and Mario Monti, the president of the Central European Bank, Mario Draghi, and other individuals in possession of confidential information. Mayors, cardinals, regional presidents, economists, employers, and law enforcement officials are also on the list.

How Eye Pyramid Works

The investigation has been dubbed “Eye Pyramid”, after the particularly invasive malware that the suspects used to infiltrate the systems of the people they spied on.

These intrusions appear to have first surfaced in 2012, reaching 18,327 users with the theft of 1,793 passwords using a keylogger. This comes out to around 87 GB of data. The method of infiltration was simple given the serious nature of the attack: the cybercriminal sent an email, the recipient opened it, and upon opening the email, software was installed on the device, giving access to its secret files.

Older versions of the malware with unknown origins (although possibly linked to Sauron) were probably used in 2008, 2010, 2011, and 2014 in various spear phishing campaigns.

In a hyperconnected world, with mounting tension between cybersecurity and cyber-espionage — we’ve recently seen a crossfire of accusations exchanged between major powers like the US, China, and Russia — these attacks appear to have special relevance to state security and the dangers it faces in the cyber world.

Advanced Persistent Threat, or How to Avoid a Cybernetic Nightmare

This attack, unprecedented in Italy, will continue to be under investigation and, according to authorities, may end up revealing connections to other cyberattacks carried out in other countries.

Protecting your confidential and sensitive data from cybercriminal networks and attacks such as APTs is crucial in combatting the growing professionalization of cybercrime.

Advanced threats are no longer an issue when you’ve got an advanced cybersecurity solution like Adaptive Defense 360, the platform that connects contextual intelligence with defense operations to stay ahead of malicious behaviors and data theft. Protection systems are triggered and jump into action before the malware even has a chance to run.

Thwarting potential threats before they become a real problem is the only way to rest easy knowing that your information has not ended up falling into the wrong hands.

The post “Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling appeared first on Panda Security Mediacenter.

Shadow Brokers reveals list of Servers Hacked by the NSA

The hacker group calling itself the Shadow Brokers, who previously claimed to have leaked a portion of the NSA’s hacking tools and exploits, is back with a Bang!

The Shadow Brokers published more files today, and this time the group dumped a list of foreign servers allegedly compromised by the NSA-linked hacking unit, Equation Group, in various countries to expand its espionage operations.

US charges Chinese ex-IBM employee with Espionage

The United States federal authorities have boosted charges against a former IBM Corp. software developer in China for allegedly stealing valuable source code from his former employer in the US.

Chinese national Xu Jiaqiang, 30, was arrested by the FBI in December last year, when he was charged with just one count of theft of a trade secret.

However, Jiaqiang has been charged with six counts:

PLATINUM Hackers Hijack Windows Hotpatching to Stay Hidden

In Brief
Microsoft’s Windows Defender Advanced Threat Hunting team detected that a cyber-espionage group known as PLATINUM has found a way to use Windows’s Hotpatching technique (a way of updating the operating system without requiring a restart) to hide its malware from antivirus products.

PLATINUM group has been active since 2009 and launching large-scale attacks