New Adobe Flash Zero-Day Used in Pawn Storm Campaign
Analysis by Brooks Li, Feike Hacquebord, and Peter Pi. Trend Micro researchers have discovered that the attackers behind Pawn Storm, the long-running cyber-espionage campaign, are using an Adobe Flash zero-day exploit in their attacks. The affected vulnerability is still unpatched, leaving Flash users exposed. In this most recent Pawn Storm campaign, several […]

US officials: Jury still out on who hacked OPM
The NSA director said China had conducted more cyberattacks against the US than any other country, but hinted that Russia was more skillful.

Businesses Held for Ransom: TorrentLocker and CryptoWall Change Tactics
Perpetrators behind ransomware have moved away from targeting consumers and tailored their attacks to extort small and medium-sized businesses (SMBs). This business segment makes a potentially good target for ransomware, since small businesses are less likely to have the sophisticated solutions that enterprises have, while at the same time the owners often have the capacity to pay. […]

Sanctions For Hacking: Good or Bad Idea?
Last week, news reports said the United States government was considering enacting sanctions against individuals and organizations in China and Russia for their involvement in hacking incidents targeting US companies. While hacks against government bodies like the Office of Personnel Management (OPM) have received the most attention, these sanctions are not aimed at those sorts of attacks. These actions may sound like a giant […]

Pawn Storm’s Domestic Spying Campaign Revealed; Ukraine and US Top Global Targets
Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and the Russian patriarchal system. But why would attackers have any interest in them? What […]

Inside the $100M ‘Business Club’ Crime Gang
New research into a notorious Eastern European organized cybercrime gang accused of stealing more than $100 million from banks and businesses worldwide provides an unprecedented, behind-the-scenes look at an exclusive “business club” that dabbled in cyber espionage and worked closely with phantom Chinese firms on Russia’s far eastern border.

Duqu 2.0 hackers may have cracked Kaspersky to recon research
Eugene Kaspersky, the Russian whose namesake company acknowledged that it had been infected with top-tier malware, struggled during a press conference to come up with reasons why the hackers targeted his firm. After all, antivirus makers like Kaspersky Lab should be prepared to sniff out and snuff out an attack. “They were not only stupid, […]

Statistics on botnet-assisted DDoS attacks in Q1 2015 [pdf]
Methodology: A DDoS (Distributed Denial of Service) attack is one of the techniques most often used by cybercriminals. It is intended to reduce an information system, typically a website, to a state where it cannot be accessed by legitimate users. One popular DDoS scenario is a […]

Spam and Phishing in the First Quarter of 2015
Spam: features of the quarter. New domain zones: In January 2014 the New gTLD program of registration for new generic top-level domains, designated for certain types of communities and organizations, was launched. The main advantage of this program is the opportunity for organizations to choose a domain zone that is clearly consistent with their activities […]

Ad Network Compromised, Users Victimized by Nuclear Exploit Kit
MadAdsMedia, a US-based web advertising network, was compromised by cybercriminals to redirect visitors of sites that use its advertising platform to Adobe Flash exploits delivered by the Nuclear Exploit Kit. Up to 12,500 users per day may have been affected by this threat; three countries account for more than half of the hits: Japan, the United States, […]

IT threat evolution in Q1 2015
Q1 in figures: According to KSN data, Kaspersky Lab products detected and neutralized a total of 2,205,858,791 malicious attacks on computers and mobile devices in the first quarter of 2015. Kaspersky Lab solutions repelled 469,220,213 attacks launched from online resources located all over the world. Kaspersky Lab’s web antivirus detected 28,483,783 unique malicious objects: scripts, […]

Operation Pawn Storm Ramps Up its Activities; Targets NATO, White House
The long-running APT campaign Operation Pawn Storm has begun the year with a bang, introducing new infrastructure and zeroing in on targets including North Atlantic Treaty Organization (NATO) members and even the White House. This is according to the latest intelligence gleaned from Trend Micro’s ongoing research into the attack group, and comes as a follow-up […]

How Targeted Attacks Changed in 2014
2014 was a year in which we saw further refinements in targeted attack methodologies. As more organizations upgraded to newer versions of Windows, we saw the increased use of 64-bit malware in several campaigns. Examples of 64-bit malware include HAVEX, a remote access Trojan (RAT) used in a campaign that targeted industrial control systems (ICS), and WIPALL, […]

SIMDA: A Botnet Takedown
The collaboration between Trend Micro, INTERPOL, and other private organizations resulted in another triumph for the security industry earlier this week: the takedown of the SIMDA botnet. Trend Micro provided information such as the IP addresses of the affiliated servers and statistical information about the malware used, which led to the disruption of the botnet’s activities. […]

Simda’s Hide and Seek: Grown-up Games
On 9 April 2015, Kaspersky Lab was involved in the synchronized Simda botnet takedown operation coordinated by the INTERPOL Global Complex for Innovation. In this case the investigation was initially started by Microsoft and expanded to involve a larger circle of participants, including Trend Micro, the Cyber Defense Institute, officers from the Dutch National High Tech Crime […]

The Banking Trojan Emotet: Detailed Analysis
Introduction: In the summer of 2014, Trend Micro announced the detection of a new threat, the banking Trojan Emotet. The description indicated that the malware could steal bank account details by intercepting traffic. We call this modification version 1. In the autumn of that year a new version of Emotet was found. […]

More information
- Stop looking over my shoulder!
- Ship Tracking Hack Makes Tankers Vanish from View
- Publicizing a firm’s security levels may strengthen security over time, study finds
- As four-day workweek trial ends, most companies stick with the change
- US Senate resolution aims to roll back privacy rules for ISPs
- From floppy disks to deep freeze: what’s the best way to store data?
- New ‘Girls Around Me’ app highlights privacy failures
- Analyzing the Pawn Storm Java Zero-Day – Old Techniques Reused
- Privacy outcry over proposal to reveal website owners’ identities
- FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit