114 articles

No Monkeys for CozyDuke

Yet another Duke APT is hitting high-profile targets, including the US government office. This time it’s CozyDuke (also known as CozyBear, CozyCar or “Office Monkeys”,  in honour of the video it employs as a decoy).

Deny the Hellsing APT by default

Kaspersky Lab experts have discovered a new APT campaign that targets government institutions, mainly in the APAC region. It was named “Hellsing” after the string containing the project directory name found within the attack components’ code.

Non-Impervious: cybercriminals make mistakes too

Cybercriminals go at great lengths to throw researchers off their scent, but just like in the “offline” crime world they make errors and leave peculiar traces behind, making them look a bit silly, while the cyber-forensic experts get happy.