Microsoft's security team has come across a malware family that uses Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) interface as a file transfer tool.
A cyber-espionage group known as Turla — believed to be the cyber-arm of Russian intelligence — has been playing around with a backdoor trojan disguised as a Firefox extension that uses comments on Britney Spears Instagram photos to store the location of its command and control (C&C) server.
A Czech judge ruled yesterday that Yevgeny Nikulin, a Russian national accused of crimes in both the US and Russia, can be extradited based on the current charges. The court didn't specify to which country, and the decision now rests with Czech Justice Minister Robert Pelikan.
A 53-page report released today by Group-IB, a Russian cyber-security vendor, contains new evidence that cements the theory that the North Korean government is behind the Lazarus Group, a cyber-espionage outfit.
An anonymous group known as Intrusion Truth has published evidence that links an intelligence contractor working with the Chinese government to cyber-attacks that have been carried out by a cyber-espionage group known in the infosec community as APT3.
While initially, we thought this would be a silly and unsubstantiated discovery, the number of security firms claiming they've identified and confirmed connections between the WannaCry ransomware and malware used by the Lazarus Group has now gone up to three.
In an article published yesterday, ABC News cited congressional sources who claimed the Senate Intelligence Committee had started an investigation into Kaspersky Lab's relationship with the Russian government.
Microsoft's May 2017 Patch Tuesday, released yesterday, included fixes for three zero-days, which according to ESET and FireEye, were used by cyber-espionage groups operating out of Russia.
Russian cyberspies have developed a new breed of backdoor trojan that features several novel techniques, including an API that allows attackers to reverse the C&C communications flow when needed.
On Good Friday and ahead of the Easter holiday, the Shadow Brokers have dumped a new collection of files, containing what appears to be exploits and hacking tools targeting Microsoft's Windows OS and evidence the Equation Group had gained access to servers and targeted the SWIFT banking system of several banks across the world.
Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries.
The Shadow Brokers (TSB) are back, and they've released the password for the rest of the hacking tools they claim to have stolen from the NSA last year.
A cyber-espionage group that first surfaced in 2009 is using a novel tactic into hacking its targets by first breaching one of its cloud service providers, and then reaching inside the company's secure business network via the cloud service's approved communications channels.
Google and Lookout researchers published a report today revealing the activities of a new Android malware family, which they believe to be the Android counterpart of the Pegasus iOS spyware.
New clues discovered that bring light onto the operations of the first-ever cyber-espionage group called Moonlight Maze.
The US Department of Justice (DoJ) charged four suspects today for orchestrating the 2014 Yahoo data breach during which attackers stole details for over 500 million Yahoo users.
The Shamoon disk-wiping malware has received a major upgrade during the past few months, and now features a ransomware module, along with support for both 32-bit and 64-bit architectures, researchers from Kaspersky Lab revealed on Monday.
A well-organized cyber-espionage group is infecting computers at selected targets in Ukraine, turning on their microphone to record nearby audio, stealing documents, and storing exfiltrated data inside Dropbox accounts, according to security firm CyberX, who recently came across the malware used in these attacks.