North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

The attacks aimed at a Ministry of Health and a pharmaceutical company involved in the development of the COVID-19 vaccine. The systems at the pharmaceutical company were targeted with the BookCode malware, while in the attack against a Ministry of Health the APT group used the wAgent malware.

Google warned users of 33,015 nation-state attacks since January

Security Affairs

Shane Huntley, Director at Google’s Threat Analysis Group (TAG), revealed that her team has shared its findings with the campaigns and the Federal Bureau of Investigation. Google sent 11,856 government-backed phishing warnings during Q1 2020, 11,023 in Q2 2020, and 10,136 in Q3 2020. Tbps, the largest DDoS attack of ever.

New financially motivated attacks in Western Europe traced to Russian-speaking threat actors

Security Affairs

At least two companies operating in pharmaceutical and manufacturing sectors have been affected. If the latter are the ones to blame, this marks the first time the gang has launched the attacks against pharmaceutical and manufacturing companies and may indicate a significant shift in their modus operandi. 126 and 37.120.145 [. ]

US govt agencies share details of the China-linked espionage malware Taidoor

Security Affairs

“CISA encourages users and administrators to review Malware Analysis Report MAR-10292089-1.v1 See the latest malware analysis report on their TTPs at @CNMF_CyberAlert. US government agencies published the Malware Analysis Report MAR-10292089-1.v1 ” reads Malware Analysis Report MAR-10292089-1.v1.

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

Since August, FIN11 started targeting organizations in many industries, including defense, energy, finance, healthcare, legal, pharmaceutical, telecommunications, technology, and transportation. ” reads the analysis published by FireEye.

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

The analysis of memory dumps and command-and-control connections revealed that the botnet is running a variant of the Ngioweb malware. Trend Micro also discovered that at least two prominent cybercriminal groups and the Russia-linked APT group Pawn Storm used the botnet. ” reported Trend Micro.

Financially motivated Earth Lusca threat actors targets organizations worldwide

Security Affairs

The APT group targeted organizations in various industries, including the aviation, gaming, pharmaceuticals, technology, telecoms, and software development industries. ” reads the analysis published by Trend Micro. The researchers grouped the Earth Lusca’s infrastructure into two “clusters.