APT Mercenary Groups Pose Real Threat to Companies But Detecting Tactics and Techniques is Within Reach
Bitdefender identified a new attack attributed to a sophisticated actor offering advanced-persistent-threats-as-a-service. The targeted company is engaged in architectural projects with billion-dollar luxury real-estate developers in New York, London, Australia and Oman. The Bitdefender technology stacks detect the used payloads as well as the malicious behavior ...

APT Hackers for Hire Used for Industrial Espionage
Bitdefender recently investigated an APT-style cyberespionage attack targeting an international architectural and video production company, pointing to an advanced threat actor and South Korean-based C&C infrastructure. The targeted company is known to have been collaborating in billion-dollar real estate projects in New York, London, Australia, and Oman. The sophistication of ...

StrongPity APT – Revealing Trojanized Tools, Working Hours and Infrastructure
Bitdefender researchers have recently found the APT group StrongPity has been targeting victims in Turkey and Syria. Using watering hole tactics to selectively infect victims and deploying a three-tier C&C infrastructure to thwart forensic investigations, the APT group leveraged Trojanized popular tools, such as archivers, file recovery applications, remote connections ...

SSH-Targeting Golang Bots Becoming the New Norm
Bitdefender researchers have recently found an increasing number of SSH-targeting bots written in Golang. Traditionally, popular malware is written in C, C++ and Perl, and it’s rare that we see attackers creating new malware or bots from scratch, especially using a different programming language. Customizing existing code and botnets is ...
Half of Security Professionals Had No Contingency Plan in Place for COVID-19
Security has been a huge concern for both businesses and individuals as many employees continue to work from home, with many woefully underprepared for the impact that COVID-19 has had. In fact, new research by Bitdefender found half of infosec professionals (50%) didn’t have a contingency plan in place ...

Russian ‘Sandworm’ Hackers Attacking Exim Email Servers, Says NSA
An advanced Russian government cyber-espionage unit has been exploiting a known Exim email server vulnerability since August 2019, according to an NSA security alert. The NSA said the Russian hackers are part of the GRU Main Center for Special Technologies (GTsST), field post number 74455, and it believes the group ...

Iranian Chafer APT Targeted Air Transportation and Government in Kuwait and Saudi Arabia
Bitdefender researchers have found attacks conducted by the Chafer APT threat group – known to have an apparent Iranian link – in the Middle East region, dating back to 2018. The campaigns were based on several tools, including “living off the land” tools, which makes attribution difficult, as well as ...

Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic
With healthcare systems under constant strain amid the SARS-CoV-2 global pandemic, hospitals and healthcare facilities around the world have also been hit by a wave of cyberattacks, including ransomware attacks. While officials have already issued warnings that hospitals, governments and universities may be more conscious about losing data and access ...

Android Campaign from Known OceanLotus APT Group Potentially Older than Estimated, Abused Legitimate Certificate
A group of sophisticated threat actors known as OceanLotus or PhantomLance has recently become known for disseminating advanced Android threats via official and third-party marketplaces since 2014. They have sought to remotely control infected devices, steal confidential data, install applications and launch arbitrary code. While security researchers have recently documented ...

Coronavirus-themed Threat Reports Haven’t Flattened The Curve
With the Coronavirus pandemic still going strong, cybercriminals have continued leveraging this crisis by pushing threats designed to compromise victims’ data and security. If during mid-March we’d already seen a five-fold increase in Coronavirus-related threats, recent telemetry shows that cybercriminals have not backed down on their campaigns. If anything, the ...