IT threat evolution Q3 2020
Targeted attacks. MATA: Lazarus’s multi-platform targeted malware framework. The more sophisticated threat actors are continually developing their TTPs (Tactics, Techniques and Procedures) and the toolsets they use to compromise the systems of their targets. However, malicious toolsets used to target multiple platforms are rare, because they require significant investment to develop and maintain. In […]

IT threat evolution Q3 2019
Targeted attacks and malware campaigns. Mobile espionage targeting the Middle East. At the end of June we reported the details of a highly targeted campaign that we dubbed ‘Operation ViceLeaker’ involving the spread of malicious Android samples via instant messaging. The campaign affected several dozen victims in Israel and Iran. We discovered this activity in […]

APT review: what the world’s threat actors got up to in 2019
What were the most interesting developments in terms of APT activity during the year and what can we learn from them? This is not an easy question to answer, because researchers have only partial visibility and it’s impossible to fully understand the motivation for some attacks or the developments behind them. However, let’s try to […]

Analyzing C/C++ Runtime Library Code Tampering in Software Supply Chain Attacks
By Mohamad Mokbel. For the past few years, the security industry’s very backbone — its key software and server components — has been the subject of numerous attacks through cybercriminals’ various works of compromise and modifications. Such attacks involve the original software’s being compromised via malicious tampering of its source code, its update server, or […]

IT threat evolution Q2 2018
Targeted attacks and malware campaigns. Operation Parliament. In April, we reported the workings of Operation Parliament, a cyber-espionage campaign aimed at high-profile legislative, executive and judicial organizations around the world – with its main focus in the MENA (Middle East and North Africa) region, especially Palestine. The attacks, which started early in 2017, target parliaments, […]

More information
- LeakedSource data breach website goes offline following alleged police raid
- Researchers bypass PayPal’s two-factor authentication system
- Hold North Korea Accountable for WannaCry—And the NSA, Too
- Apple Patches Remote Code Execution Flaws in iOS, macOS
- Microsoft Windows Device Guard CVE-2018-8132 Local Security Bypass Vulnerability
- Microsoft Edge and Internet Explorer XSS Filter CVE-2016-3273 Information Disclosure Vulnerability
- Huawei to Poland: ‘We’ll build a cybersecurity centre if that’s what it takes’
- ITS Support Suite – Wagner Building Phone Outage Scheduled for Friday, Sept. 28 beginning at 5 a.m.
- BlackBerry Enterprise Service 10: The Smart Choice for Multi-Platform BYOD
- Supply chain disruption, Apple, and the importance of ops