OceanLotus, an APT group said to have a Vietnamese background, was first exposed and named by SkyEye Labs (the predecessor of the RedDrip team of QiAnXin Threat Intelligence Center) in May 2015. Its attack activities can be traced back to April 2012, with initial targets including Chinese maritime institutions, maritime construction, scientific research institutes and shipping enterprises. Its targets later expanded to almost all important organizations, and related activities are still ongoing.

Since July 2015, the Army Lions Organization (APT-C-38) has launched an organized, planned and targeted uninterrupted attack in the Middle East. Its attack platform is Windows and Android. Up to now, 360 Beaconlab has captured 25 Android platform attack samples, 4 Windows platform attack samples, and 16 C2 domain names.

The APP generation framework is a framework for implementing APP development without complicated technical programming. Developing an APP using the APP generation framework can greatly simplify development steps, shorten the development cycle, and save development costs to a certain extent.

Waterbug may have hijacked a separate espionage group’s infrastructure during one attack against a Middle Eastern target.

Israel military said it bombed building housing Hamas cyber forces.

Exploitable remotely/low skill level to exploit/public exploits are available

Below follows an unofficial translation of the Annual Report 2018 of the Dutch General Intelligence and Security Service (GISS, known in Dutch as AIVD). The text below is ~9200 words in total. Hyperlinks and parts between [] brackets were added by me.

The US DHS issued a new Binding Operational Directive (BOD 19-02) instructing federal agencies and departments to patch critical flaws within 15 days.

Good news for the victims of the ZQ Ransomware: security experts at Emsisoft have released a free decryptor tool.

I am writing to inform you that personal information about you may have been involved in the recent cyberattack on Citrix. This notice contains information about the incident that occurred, as well as services Citrix is providing and additional steps you can take to protect yourself against any potential misuse of your personal information. We deeply regret that this incident occurred and take the security of employee information seriously.