BAE Systems analyzed the Polish financial-sector watering-hole attacks reported by BadCyber and found infrastructure and malware overlaps with other activity against banks in Mexico and Uruguay. The suspected infection path began with the Polish Financial…
2017: 97 reports
Symantec investigated a watering-hole campaign that targeted banks and related organizations in 31 countries, beginning with compromises observed in Poland and extending to blocked infection attempts in Mexico, Uruguay, and Poland. The attackers used comp…
BadCyber reported a major compromise affecting multiple Polish commercial banks after unusual network traffic and unauthorized files were found on workstations and servers. The suspected infection source was the Polish Financial Supervision Authority webs…
Kyoung-Ju Kwak’s HackCon material links the RIFLE campaign to Lazarus Group context from Operation Blockbuster and South Korean incidents including DarkSeoul, financial-sector attacks, and defense-sector spearphishing. The RIFLE malware family is describe…
South Korean police attributed a malicious email operation against foreign affairs, security, defense, and unification personnel to North Korean infrastructure after tracing activity through overseas relay servers back to an IP range in Ryugyong-dong, Pyo…
The excerpt examines fraudulent SWIFT transfer activity against banking environments, including the Bangladesh central bank loss, and notes public suggestions connecting the attacks to high-yield actors such as Carbanak and the Sony hackers without making…
Group-IB’s 2017 trend report identifies the Lazarus North Korean hacker group as targeting major international banks and central banks worldwide for theft and espionage. The excerpt places that activity within a broader rise in state-sponsored operations …