APT report for 2018-11-29

TRANSNATIONAL / UNKNOWN

1. Looking Ahead: RiskIQ’s 2019 Cybersecurity Predictions

CHINA

2. The Fractured Block Campaign: CARROTBAT Used to Deliver Malware Targeting Southeast Asia

INDIA

Nil

NORTH KOREA

3. McAfee Labs 2019 Threats Predictions Report
4. Lazarus Targeting Latin America

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

5. WannaCry: One year later, is the world ready for another major attack?
6. First Annual Cyberwarcon
7. Accenture: Russian hackers using Brexit talks to disguise phishing lures
8. Pterodo Found On State Authorities' Computers In Ukraine
9. Beware the Malware-Laden Brexit News
10. McAfee Labs 2019 Threats Predictions Report

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-26

TRANSNATIONAL / UNKNOWN

1. Cyberthreats to financial institutions 2019: overview and predictions

CHINA

Nil

INDIA

Nil

NORTH KOREA

2. Cyberthreats to financial institutions 2019: overview and predictions

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

3. APT28 Is Using New Variant of Lojax
4. Recent Attacks on US Entities Attributed to APT29

SERBIA

Nil

UKRAINE

5. Cyberthreats to financial institutions 2019: overview and predictions

APT report for 2018-11-24

TRANSNATIONAL / UNKNOWN

Nil

CHINA

Nil

INDIA

Nil

NORTH KOREA

1. North Korea-linked group Lazarus targets Latin American banks

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

2. News of the Week: November 24, 2018

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-23

TRANSNATIONAL / UNKNOWN

1. Criminal turf war may be brewing after Magecart double whammy
2. Synthetic identity fraud to drive $48 billion in annual losses by 2023 – Juniper Research
3. The team discuss continuing activity by the Magecart group, as well as the ways in which #cybercriminals are gearing up

CHINA

4. US Says China Increased Hacking over Trade Dispute

INDIA

Nil

NORTH KOREA

5. North Korean Hackers Hit Latin American Banks

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

6. Week in security with Tony Anscombe
7. Phishing Used to Launch GreyEnergy's ICS Attacks
8. Exclusive Cybaze ZLab – Yoroi – Hunting Cozy Bear, new campaign, old habits

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-22

TRANSNATIONAL / UNKNOWN

1. #Irisscon: Stop Siloing Vulnerability Management to Deal with Old Bugs
2. Podcast: Breaking Down the Magecart Threat (Part One)

CHINA

Nil

INDIA

Nil

NORTH KOREA

3. VB2018 paper: Since the hacking of Sony Pictures

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-21

TRANSNATIONAL / UNKNOWN

1. How Retailers Can Protect Against Magecart This Black Friday and Holiday Season
2. Black Friday & Cyber Monday Deals: Phishing and Site Skimmers
3. Magecart Black Hats Battle it Out On Infected Site
4. Exploit Windows Remote PC with EternalBlue & DoublePulsar Exploit through Metasploit
5. Is Magecart Checking Out Your Secure Online Transactions?
6. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
7. Infowars Online Store Got Infected with Card Skimming Malware
8. MageCart Group Sabotages Rival to Ruin Data and Reputation

CHINA

9. Inspiring the Next Generation of Tech Talent
10. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign

INDIA

Nil

NORTH KOREA

11. Lazarus APT Uses Modular Backdoor to Target Financial Institutions
12. Millions Stolen by North Korea-Linked Hacking Group from Atms in Africa and Asia

PAKISTAN

Nil

VIETNAM

Nil

IRAN

13. Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

14. Russian Cozy Bear cyberspies awake from hibernation to sling spyware
15. Sofacy APT unleashes new 'Cannon' trojan
16. New Pterodo Backdoor Malware Detected By Ukraine
17. New Campaign by APT Group Sofacy Discovered using new Malware Named Cannon
18. Fancy Bear hacker crew Putin dirty RATs in Word documents emailed to govt orgs – report
19. Weekly Threat Briefing: Russian APT Comes Back to Life with New US Spear-phishing Campaign
20. Latest Hacking News Podcast
21. Sofacy APT group used a new tool in latest attacks, the Cannon
22. Russian hackers are conducting more covert attacks on US and European computers
23. Fancy Bear APT Uses New Cannon Trojan to Target Government Entities
24. Sofacy APT Takes Aim with Novel ‘Cannon’ Trojan
25. Russia Linked Group Resurfaces With Large-Scale Phishing Campaign

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-20

TRANSNATIONAL / UNKNOWN

1. Magecart group hilariously sabotages competitor
2. Web skimmers compete in Umbro Brasil hack
3. An Introduction to Magecart
4. Magecart Spies Payment Cards From Retailer Vision Direct

CHINA

5. Inspiring Gender Diversity at Women of the Channel Leadership Summit
6. TEMP.Periscope Spearphishing

INDIA

Nil

NORTH KOREA

7. Lazarus Continues Heists, Mounts Attacks on Financial Organizations in Latin America

PAKISTAN

Nil

VIETNAM

8. ESET: Vietnamese hacking group hijacks Southeast Asian sites in watering hole campaign

IRAN

9. Experts analyzed how Iranian OilRIG hackers tested their weaponized documents

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

10. APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
11. APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign
12. Russia’s Elite Hackers May Have New Phishing Tricks
13. Sednit: What’s going on with Zebrocy?
14. Sednit: What’s going on with Zebrocy?
15. Government Agencies and Think Tanks attacked, APT29 suspected
16. Hackers Linked to Russia Impersonate US Officials
17. Russian APT activity is resurgent, researchers say
18. Sofacy Continues Global Attacks and Wheels Out New ‘Cannon’ Trojan
19. Kaspersky Security Bulletin: Threat Predictions for 2019
20. Cozy Bear tracks: Phishing campaign looks like work of Russian APT group

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-19

TRANSNATIONAL / UNKNOWN

1. VisionDirect Blindsided by Magecart in Data Breach
2. A week in security (November 12 – 18)
3. Collective Intelligence Podcast, Vitali Kremez on Magecart

CHINA

Nil

INDIA

Nil

NORTH KOREA

4. New ShadowTalk update looks at: New nation-state threat actor uses advanced TTPs to target Pakistan Lazarus Group’s FASTCash malware

PAKISTAN

Nil

VIETNAM

Nil

IRAN

5. Iran-Linked Hackers Use Just-in-Time Creation of Weaponized Attack Docs

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

6. Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
7. Cybaze ZLab – Yoroi team analyzed malware used in recent attacks on US entities attributed to APT29
8. Russian Cozy Bear APT 29 hackers may be impersonating State Department

SERBIA

Nil

UKRAINE

9. Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign

APT report for 2018-11-18

TRANSNATIONAL / UNKNOWN

1. A Look Inside MageCart, A Notorious Hacker Group
2. SMS 2FA database leak drama, MageCart mishaps, Black Friday badware, and more
3. WatchGuard Technologies 2019 Security Predictions

CHINA

4. Security Affairs newsletter Round 189 – News of the week

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

5. Suspected APT29 hackers behind attacks on US gov agencies, think tanks, and businesses
6. Security Affairs newsletter Round 189 – News of the week
7. WatchGuard Technologies 2019 Security Predictions

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-17

TRANSNATIONAL / UNKNOWN

Nil

CHINA

Nil

INDIA

Nil

NORTH KOREA

1. 8 Cybersecurity Prediction for 2019

PAKISTAN

Nil

VIETNAM

Nil

IRAN

2. News of the Week: November 17, 2018
3. BlackBerry absorbs Operation Cleaver beaver Cylance into threat detection unit

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-16

TRANSNATIONAL / UNKNOWN

1. InfoWars: Magecart Infection Points to 'Industrial Sabotage'
2. Reappearance of Magecart Malware to Infect Virtual Stores
3. Operation Shaheen – Pakistan Air Force members targeted by nation-state attackers
4. Cyber News Rundown: Infowars Hacked by Card Skimmers
5. INDRIK SPIDER and BitPaymer
6. Two hacker groups attacked Russian banks posing as the Central Bank of Russia
7. Magecart become close to a household name with hacks of massive sites like http://Ticketmaster.com , http://Newegg.com and British Airways.

CHINA

Nil

INDIA

Nil

NORTH KOREA

8. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
9. Looking Back at LogRhythm Labs' 2018 Predictions for Security - How Did We Do?

PAKISTAN

Nil

VIETNAM

Nil

IRAN

10. Analyzing OilRig’s Ops Tempo from Testing to Weaponization to Delivery

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

11. Russian APT comes back to life with new US spear-phishing campaign
12. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
13. VB2018 video: Shedding skin - Turla's fresh faces
14. Cybaze ZLab- Yoroi team spotted a new variant of the APT28 Lojax rootkit

SERBIA

Nil

UKRAINE

15. Group-IB presented latest cybercrime and nation-state hacking trends in Asia
16. Two hacker groups attacked Russian banks posing as the Central Bank of Russia

APT report for 2018-11-15

TRANSNATIONAL / UNKNOWN

1. Suspected Russian cybercriminal arrested in Bulgaria at U.S. request, lawyer says
2. One In Five Magecart Infected Stores Gets Reinfected Within Days
3. 20% of MageCart-compromised merchants get reinfected within days
4. 20% of MageCart-compromised merchants get reinfected within days
5. RiskIQ’s 2018 Black Friday E-commerce Blacklist: Key Intel for This Year’s Mega Shopping Weekend
6. Skimmed BA and Newegg Customer Card Details Up for Sale
7. InfoWars online store hit by Magecart
8. Alex Jones's InfoWars online store hit by Magecart
9. One in five Magecart-infected stores get reinfected within days

CHINA

10. Chinese TEMP.Periscope cyberespionage group was using TTPs associated with Russian APTs

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

11. Compromising vital infrastructure: air traffic control
12. Chinese TEMP.Periscope cyberespionage group was using TTPs associated with Russian APTs
13. WannaCry Still Impacts Thousands of Systems Every Month

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-14

TRANSNATIONAL / UNKNOWN

1. Magecart Cybercrime Groups Harvest Payment Card Data
2. Cyber espionage group used CVE-2018-8589 Windows Zero-Day in Middle East Attacks
3. Magecart- The Card-Skimming Group and Its Many Faces
4. Infowars Store Affected by Magecart Credit Card Stealing Hack
5. Alex Jones’ Infowars store was infected with credit card skimming software
6. Latest Hacking News Podcast
7. Card skimming malware removed from Infowars online store

CHINA

Nil

INDIA

Nil

NORTH KOREA

8. Weekly Threat Briefing: Adobe ColdFusion Servers Under Attack from APT Group
9. Operation FastCash

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

10. Key takeaways from Datto’s State of the Channel Ransomware Report 2018

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-13

TRANSNATIONAL / UNKNOWN

1. Magecart Cybercrime Groups Mass Harvest Payment Card Data
2. Seven Hacking Groups Operate Under “Magecart” Umbrella, Analysis Shows
3. That Domain You Forgot to Renew? Yeah, it’s Now Stealing Credit Cards
4. Getting to Know Magecart: An Inside Look at 7 Groups
5. How Magecart groups are stealing your card details from online stores
6. Inside Magecart: RiskIQ and Flashpoint Release Comprehensive Report on the Assault on E-Commerce
7. ‘Inside Magecart’ Exposes the Operation Behind the Web’s Biggest E-Commerce Scourge
8. #Gallmaker eschews custom malware, uses living off the land and publicly available #hack tools. Find out more:
9. Compromised security in millions of cards in the US

CHINA

10. Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques

INDIA

Nil

NORTH KOREA

11. The Tactic Cybercriminals Use to Steal Bitcoin

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

12. The Cybersecurity Tech Accord endorses the Paris Call
13. Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques

SERBIA

Nil

UKRAINE

14. Chinese Threat Actor TEMP.Periscope Targets UK-Based Engineering Company Using Russian APT Techniques

APT report for 2018-11-12

TRANSNATIONAL / UNKNOWN

1. IT threat evolution Q3 2018. Statistics

CHINA

Nil

INDIA

Nil

NORTH KOREA

2. IT threat evolution Q3 2018
3. Researchers Uncover How Lazarus Hacking Group Stole Millions of Dollars From ATMs

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

4. France seeks Global Talks on Cyberspace security and a “code of good conduct”

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-11

TRANSNATIONAL / UNKNOWN

1. 'DerpTrolling’ faces jail time for Sony DoS attacks
2. Security Affairs newsletter Round 188 – News of the week

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-10

TRANSNATIONAL / UNKNOWN

Nil

CHINA

Nil

INDIA

Nil

NORTH KOREA

1. Lazarus Group Attacks ATMs, Tens of Millions Stolen in Recent Heist
2. Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks
3. A Careful Look on FastCash, the New Cash Cow of Lazarus Hacking Group
4. Researchers reveal the malware used by North Korean hackers to attack ATMs

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

5. FIFA is hacked… Once again

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-09

TRANSNATIONAL / UNKNOWN

1. Inception Attackers Target Europe with Year-old Office Vulnerability
2. Inception hackers target European organisations with old Office flaw
3. DerpTrolling game server DDoS attacker pleads guilty
4. Sony DDoS-er 'DerpTrolling' Pleads Guilty
5. Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy
6. Notorious "DerpTrolling" Pleads Guilty to DDoS Attacks on EA & Sony

CHINA

7. Playbook Fridays: Domain Spinning Workbench Spaces App

INDIA

Nil

NORTH KOREA

8. Lazarus FASTCash ATM Attack Details Discovered
9. Lazarus FASTCash ATM attack details discovered
10. Latest Hacking News Podcast

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

11. Playbook Fridays: Domain Spinning Workbench Spaces App
12. VirusTotal and USCyberCom Join Forces To Identify Malware

SERBIA

Nil

UKRAINE

13. Playbook Fridays: Domain Spinning Workbench Spaces App

APT report for 2018-11-08

TRANSNATIONAL / UNKNOWN

1. DerpTrolling game server DoS attacker pleads guilty

CHINA

Nil

INDIA

Nil

NORTH KOREA

2. Symantec Uncovers North Korean Group's ATM Attack Malware
3. Lazarus Group Targets Bank Networks to Rob ATMs
4. Hackers from North Korea still breaking into PCs for mining crypto-currencies
5. Symantec researchers dissect North Korean malware used in ATM attacks
6. Top 5 Threats Healthcare Organizations Face and How to Combat Them
7. FASTCash: How the Lazarus Group is Emptying Millions from ATMs

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

8. Triton Malware Spearheads Latest Generation of Attacks on Industrial Systems
9. Top 5 Threats Healthcare Organizations Face and How to Combat Them
10. U.S. Cyber Command CNMF Shares unclassified malware samples via VirusTotal

SERBIA

Nil

UKRAINE

Nil

APT report for 2018-11-07

TRANSNATIONAL / UNKNOWN

1. Feds get guilty plea in 'DerpTrolling' attacks on video game sites
2. Goblin Panda
3. Weekly Threat Briefing: Scammers Ride on Popular Vote411 Voter Info Site to Push Scareware Alerts

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil