

OceanLotus, an APT group said to have a Vietnamese background, was first exposed and named by SkyEye Labs (the predecessor of the RedDrip team of QiAnXin Threat Intelligence Center) in May 2015. Its attack activities can be traced back to April 2012, with initial targets including Chinese maritime institutions, maritime construction, scientific research institutes and shipping enterprises. Its targets later expanded to almost all important organizations, and related activities are still ongoing.

Since July 2015, the Army Lions Organization (APT-C-38) has carried out organized, planned, targeted and uninterrupted attacks in the Middle East. Its attack platforms are Windows and Android. Up to now, 360 Beaconlab has captured 25 Android platform attack samples, 4 Windows platform attack samples, and 16 C2 domain names.

The APP generation framework is a framework for implementing APP development without complicated technical programming. Developing an APP using the APP generation framework can greatly simplify development steps, shorten the development cycle, and save development costs to a certain extent.

Waterbug may have hijacked a separate espionage group’s infrastructure during one attack against a Middle Eastern target.


The Israeli military said it bombed a building housing Hamas cyber forces.

Exploitable remotely / low skill level to exploit / public exploits are available

Below follows an unofficial translation of the Annual Report 2018 of the Dutch General Intelligence and Security Service (GISS, known in Dutch as AIVD). The text below is ~9200 words in total. Hyperlinks and parts between [] brackets were added by me.

The US DHS issued a new Binding Operational Directive (BOD 19-02) instructing federal agencies and departments to patch critical flaws within 15 days.


Good news for the victims of the ZQ Ransomware: security experts at Emsisoft have released a free decryptor tool.


I am writing to inform you that personal information about you may have been involved in the recent cyberattack on Citrix. This notice contains information about the incident that occurred, as well as services Citrix is providing and additional steps you can take to protect yourself against any potential misuse of your personal information. We deeply regret that this incident occurred and take the security of employee information seriously.