Only now Kaspersky Lab’s experts can confirm they have discovered a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades – The Equation Group. Kaspersky provides details [pdf]. Securelist.
The Mandiant security firm has released a report attributing a number of hacking events to Advanced Persistent Threat (APT) activity perpetrated by China's 2nd Bureau of the People's Liberation Army General Staff Department's 3rd Department. They have also released an appendix containing multiple artifacts that can be used to detect intrusions on networks.
An advanced and well-orchestrated computer spy operation that targeted diplomats, governments and research institutions for at least five years has been uncovered by security researchers in Russia.
The highly targeted campaign, which focuses primarily on victims in Eastern Europe and Central Asia based on existing data, is still live, harvesting documents and data from computers, smartphones and removable storage devices, such as USB sticks, according to Kaspersky Lab, the Moscow-based antivirus firm that uncovered the campaign. Kaspersky has dubbed the operation “Red October.”
Tracking GhostNet: Investigating a Cyber Espionage Network. "A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded. In a report to be issued this weekend, the researchers said that the system was being controlled from computers based almost exclusively in China, but that they could not say conclusively that the Chinese government was involved."