Tag: apt

  • Volatile Cedar campaign – cyber espionage isn’t just for large nation states

    Details of malware to be discussed at VB2015. Researchers at Check Point have revealed details of a cyber-espionage campaign, dubbed ‘Volatile Cedar’, that has been active since at least 2012. The campaign, whose motive appears to be political rather than financial, revolves around a custom-made remote access trojan named ‘Explosive’, which is separated into a…

  • Macro viruses make a return in targeted attacks

    Macros disabled in modern versions of Office, but enabled within many organisations. A report by the National Cyber Security Center (NCSC, the Dutch CERT) points to a resurgence of macro viruses in targeted attacks. Macro viruses are viruses that are written in a software’s built-in macro language. They were very common in the late 1990s,…

  • Hundreds of APTs linked to Chinese Army department

    ‘Unit 61398’ employs hundreds of people. A new report by security firm Mandiant links a large number of cyber-espionage cases to a department of the Chinese army. The report is far from the first to point to China as the source of many targeted attacks. However, it would be too easy to dismiss the report…

  • Attack targets government agencies in CIS countries

    Trojans used to steal specific files. Researchers at Trend Micro have discovered an ongoing targeted attack against, among others, government agencies and diplomatic missions in Russia and its neighbours. The attack is executed by sending targeted emails to employees. These emails contain attachments that exploit vulnerabilities in popular software and allow the attackers to install…

  • Windows Help Files used in targeted attacks

    Files with code-executing properties attached to emails. Researchers at Symantec have discovered Windows Help Files being used in targeted attacks. Such help files, which use the .hlp extension, are used by Windows Help, a program that allows users to find help for programs running on the popular operating system. Because the files can call…

  • Researchers find email used in RSA hack

    Email with malicious attachment uploaded to online scanning service. Researchers at F-Secure have managed to obtain the file used in the targeted attack against security vendor RSA back in March. At the time, RSA was admirably open about the attack and explained that one of its employees had received a targeted email containing a malicious…

  • RSA gives insight into anatomy of attack on its systems

    Publicly available information used to spear phish employees. Security company RSA has released some information about how hackers gained access to its systems, giving a good insight into how such attacks take place and providing some useful lessons for the industry as a whole. The first step taken by the hackers was to obtain publicly…