A first-of-its-kind research project highlights the connections between nearly 2,000 samples of Russian APT malware. Russia’s state-sponsored hacking groups rarely share code with one another, and when they do, it’s usually within groups managed by the same intelligence service, a new joint report published today reveals. This report, co-authored by Check Point and Intezer Labs,… Read More


Attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night. There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO… Read More


The U.S. government concluded within the past two years that Israel was most likely behind the placement of cellphone surveillance devices that were found near the White House and other sensitive locations around Washington, according to three former senior U.S. officials with knowledge of the matter. But unlike most other occasions when flagrant incidents of… Read More


A new piece of advanced espionage malware, possibly developed by a nation-supported attacker, targeted three US companies in the utilities industry last month, researchers from security firm Proofpoint reported on Thursday. Employees of the three unnamed companies, Proofpoint reported, received emails purporting to come from the National Council of Examiners for Engineering and Surveying. This… Read More


Chinese intelligence agents acquired National Security Agency hacking tools and repurposed them in 2016 to attack American allies and private companies in Europe and Asia, a leading cybersecurity firm has discovered. The episode is the latest evidence that the United States has lost control of key parts of its cybersecurity arsenal. Based on the timing… Read More


In 2015, Amazon.com Inc. began quietly evaluating a startup called Elemental Technologies, a potential acquisition to help with a major expansion of its streaming video service, known today as Amazon Prime Video. Based in Portland, Ore., Elemental made software for compressing massive video files and formatting them for different devices. Its technology had helped stream… Read More


China’s state hackers have reportedly stolen a large amount of highly-sensitive US navy data on its undersea warfare, including plans for supersonic anti-ship missiles on submarines. Government experts were said to have compromised the computers of a US navy contractor, giving them access to the information, according to the Washington Post, citing unnamed American officials.… Read More


According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using… Read More


For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call ‘VPNFilter.’ We have not completed our research, but recent events have convinced us that the correct way forward is… Read More


Last week, Motherboard reported that a vigilante hacker had stolen data from a hacking group that researchers say is a government-linked cyberespionage unit. The data included GPS locations, text messages, and phone calls that the group had taken from their own victims. Now, that hacker has seemingly published the stolen data online for anyone to… Read More