North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed at destroying data and disrupting systems. The activity of the Lazarus APT group surged in 2014 and 2015; its members used mostly custom-tailored malware in their attacks.

Malware 129

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, and STRONTIUM) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was also involved in the string of attacks that targeted the 2016 Presidential election.


The Case Of Misleading Timestamps

SiteLock

If we look at the history of this file, as viewed by our scans, the modify time has changed numerous times, ranging from 1995 to 2007 to 2012. Maarten Broekman has worked as a system administrator and systems engineer for over 25 years, primarily in the shared web-hosting space. Clearly, something was odd about this file.

Malware 52

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

Rezvesz maintains his software was designed for legitimate use only and for system administrators seeking more powerful, full-featured ways to remotely manage multiple PCs around the globe. According to Rezvesz himself, he is no stranger to the Canadian legal system.