Showing posts with the label Government

Government Networks Attacked by BlackTech Hackers Group Using API Hooking Technique in Malware to Evade Detection

The cyberespionage group known as BlackTech, which is behind the Waterbear malware campaign that has targeted various industries for several years, has returned to attack government and technology companies. Researchers recently uncovered a brand new Waterbear payload with a sophisticated capability to hide its network activity from a specific security product by using API hooking techniques. API hooking is a technique used to modify or hide the behavior and flow of API calls in order to evade detection of its activities at run time. If the attackers know which specific APIs to hook in their attack, it means that they are familiar with how certain security products gather information on their clients’ endpoints and networks. Researchers said that this is the first time Waterbear has been seen attempting to hide its backdoor activities, and that the attackers are very knowledgeable about the victim’s environment.

Waterbear Malware Behaviour

There is some modular approach that was observed t...

Even Around 12,000 of Google's Users Were Hit by Government Hackers in 3rd Quarter of 2019

As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year. According to a report published by Google's Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with "credential phishing emails" that tried to trick victims into handing over access to their Google account. Google's TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber attacks, targeting dissidents, journalists, and activists, or spreading coordinated disinformation. The alerts were sent to targeted users between July and September 2019, which is consistent within a +/-10 percent range of the number of phishing email warnings sent in the same period of 2018 and 2017, the company said. These warnings usual...