attribution Archives

CrowdStrike, Microsoft aim to eliminate confusion in threat group attribution

Wild variances in naming taxonomies aren’t going away, but a new initiative from the security vendors aims to more publicly address obvious overlap in threat group attribution.

Jun 3, 2025 By Matt Kapko

A sign for the National Security Agency (NSA), U.S. Cyber Command and Central Security Service, is seen near the visitor’s entrance to the headquarters of the NSA at the entrance in Fort Meade, Maryland, February 14, 2018. (Photo by SAUL LOEB/AFP via Getty Images)

Chinese researchers accuse NSA of being behind a powerful exploit

Chinese researchers are stepping up their attribution game.

Feb 23, 2022 By Tonya Riley

Russia-linked Sandworm reportedly has retooled with ‘Cyclops Blink’

The "large-scale modular malware framework" has largely replaced the "VPNFilter" tools that Sandworm used before they were disrupted in 2018.

Feb 23, 2022 By Joe Warminsky

The skyline of Tel Aviv, Israel. (Photo by Yoni Lerner/Flickr)

Chinese hackers posed as Iranians to breach Israeli targets, FireEye says

Spooks often like to frame others for their work.

Aug 10, 2021 By Sean Lyngaas

Security researchers suggest naming state-harbored hackers ‘privateers’

Cybersecurity executives have compared the safe havens that some governments provide cybercriminals today with 17th century piracy.

May 26, 2021 By Sean Lyngaas

The Thanos ransomware used in the attacks has gained traction on underground forums (Getty Images).

Ransomware hits two state-run organizations in the Middle East and North Africa

It's the latest example of data-wiping tools being aimed at key organizations in the region.

Sep 4, 2020 By Sean Lyngaas

Microsoft; cyber peace institute — (Getty Images)

Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks

Informally known as the "Cyber Peace Institute," the organization plans to act as a neutral arbiter that calls out bad behavior on the internet.

Sep 9, 2019 By Shannon Vavra

Chinese-linked APT10 has been active in the Philippines, researchers say

In recent years the group has compromised organizations in the U.S., Europe, and Japan.

May 24, 2019 By Sean Lyngaas

Grant Schneider, federal CISO, National Security Council, cybersecurity — Grant Schneider speaks at the Security Through Innovation Summit presented by McAfee and produced by CyberScoop and FedScoop. (CyberScoop)

National Security Council cyber chief: Criminals are closing the gap with nation-state hackers

“They’re not five years behind nation-states anymore, because the tools have become more ubiquitous,” Grant Schneider says.

Apr 25, 2019 By Shannon Vavra

Tonya Ugoretz, FBI, Cyber Division — Tonya Ugoretz speaks April 4, 2019, at the Cybersecurity Leadership Forum presented by Forcepoint and produced by CyberScoop and FedScoop. (CyberScoop)

SamSam outbreak led to FBI restructuring, top official says

The notorious ransomware forced the FBI to rethink how the bureau tackles cyber investigations.

Apr 4, 2019 By Sean Lyngaas