Senior Security Researcher, Global Research & Analysis Team, ANZNoushin Shabab is a cybersecurity researcher based in Australia, specializing in reverse engineering and targeted attack investigations. She joined Kaspersky in 2016 as a senior security researcher in the Global Research & Analysis Team (GReAT). Her research focuses on the investigation of advanced cyber-criminal activities and targeted attacks with a particular focus on local threats in the Asia Pacific region. Prior to joining Kaspersky, Noushin worked as a senior malware analyst and security software developer focusing on rootkit analysis and detection techniques as well as APT attack investigations. Noushin is very active in the local cybersecurity community in Australia and New Zealand where she regularly presents at various security conferences and events and also delivers technical workshops. She is also a member of the Australian Women in Security Network (AWSN) which aims to connect, support, collaborate and inspire women in the Australian cybersecurity industry. She was the first mentor to provide technical workshops and mentorship in the AWSN cadets program. This initiative aims to bridge the gap between university and industry by bringing together female students from different universities interested in pursuing a career in the information security space.
We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.
In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.
While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020.
This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.