Lazarus targets defense industry with ThreatNeedle
We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking […]
Let’s Encrypt Begins Retirement of TLS-SNI-01 Validation
Free and open Certificate Authority (CA) Let’s Encrypt today started the process of completely retiring TLS-SNI-01 validation support.
Supply Chain Attack Operation Red Signature Targets South Korean Organizations
by Jaromir Horejsi, Joseph C. Chen, Kawabata Kohei, and Kenney Lu
Together with our colleagues at IssueMakersLab, we uncovered Operation Red Signature, an information theft-driven supply chain attack targeting organizations in South Korea. We discovered the attacks around the end of July, while the media reported the attack in South Korea on August 6. The […]
Cryptojacking Campaign Caught Targeting Over 200,000 MikroTik Routers
Our routers are our connection to the internet, allowing us to use our devices to access websites at our leisure. And because of this, routers are often a target for hackers. In fact, just this week, it was uncovered that MikroTik is the latest router manufacturer under siege, as researchers have discovered a massive Coinhive […]
Not Only Botnets: Hacking Group in Brazil Targets IoT Devices With Malware
Instances involving compromised devices, botnets, and vulnerabilities have become ordinary occurrences. This makes sense given the increased connectivity today, but ask yourself: What is the most common internet-of-things (IoT) device across network infrastructures, whether in homes or businesses? Answer: the router. Even before the term IoT was coined, we had the routers at the gateway, […]
Wired and Tired: 6 Ways to Restore What Technology Zaps
I pictured myself at this stage of parenting sitting in a dark forest Yoda-like as younger mothers sheepishly approached in search of wisdom. But reality and time — especially in parenting — become the great equalizers, yes? Even though my kids are now 16 and 22, I more closely resemble a Yo-Yo than the ever-wise […]
Wired and Tired: 6 Simple Ways to Restore the Things Technology Zaps
I pictured myself at this stage of parenting sitting in a dark forest Yoda-like as younger mothers looked to me for wisdom. But even though my kids are now 16 and 22, it’s confusion, not clarity that invades my decision making. And that whole Yoda thing? Yeah — never gonna happen. Raising kids of any age […]
Continuous IT audits are needed to combat today’s cyber threats
We find that many IT departments within our clients’ organizations have very talented IT staff, but all too often they don’t have an information security and compliance staff member on board. All too often this role is not in place. So the question is, how can they meet compliance and maintain security of their vital […]
Windows zero-day exploit used in targeted attacks by FruityArmor APT
A few days ago, Microsoft published the “critical” MS16-120 security bulletin with fixes for vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight and Microsoft Lync. One of the vulnerabilities – CVE-2016-3393 – was reported to Microsoft by Kaspersky Lab in September 2016. Here’s a bit of background on how this zero-day was discovered. […]
Zero-Day Attack Discovered in Magnitude Exploit Kit Targeting CVE-2016-1019 in Older Versions of Adobe Flash Player
By Peter Pi, Brooks Li and Joseph C. Chen
Following their security advisory last April 5, 2016, Adobe has released an out of band patch today for the vulnerability CVE-2016-1019, which affects Adobe Flash Player. Trend Micro has observed active zero day attacks from the Magnitude Exploit Kit affecting users of Flash 20.0.0.306 and earlier. These attacks are not effective against […]
Poseidon Group: a Targeted Attack Boutique specializing in global cyber-espionage
During the latter part of 2015, Kaspersky researchers from GReAT (Global Research and Analysis Team) got hold of the missing pieces of an intricate puzzle that points to the dawn of the first Portuguese-speaking targeted attack group, named “Poseidon.” The group’s campaigns appear to have been active since at least 2005, while the very first […]
The GasPot Experiment: Hackers Target Gas Tanks
Physically tampering with gasoline tanks is dangerous enough, given how volatile gas can be. Altering a fuel gauge can cause a tank to overflow, and a simple spark can set everything ablaze. But imagine how riskier it is if a hacker can do all this remotely, especially now that a number of fuel companies worldwide […]
Four Steps To An Effective Targeted Attack Response
For many organizations today, the question is no longer if they will fall victim to a targeted attack, but when. In such an event, how an organization responds will determine whether it becomes a serious event or if it stays a mere annoyance. This requires something of a change of mindset for information security professionals. Previous techniques and […]
Most Common Attacks Affecting Today’s Websites
New web-based attack types and vectors are coming out every day, this is causing businesses, communities and individuals to take security seriously now more than they ever have in the past. This is a huge win for the World Wide Web and it’s a trend that is pushing technology further towards more robust and securely […]
Targeted exploit
In September Microsoft published information about a new Internet Explorer vulnerability – CVE-2013-3893. The vulnerability affects IE versions 6 through 11 for platforms from Windows XP through Windows 8.1. Later in September, the company released a patch closing the vulnerability. Cybercriminals are happy to exploit such vulnerabilities because they are easy to monetize – the […]
Internet Slow Today? Global “Biggest Attack Ever” May Be to Blame
Users experienced widespread delays and outages in Internet service around the world this week after a group called Spamhaus made a new addition to its spam blacklist—a Dutch company called Cyberbunker. Email service providers (like Gmail or Hotmail) use blacklist services like Spamhaus to separate likely spam messages from legitimate mail, and as it turns […]
More information
- Nigerian Threat Actors Specializing in BEC Attacks Continue to Evolve
- Microsoft Windows CVE-2018-8468 Privilege Escalation Vulnerability
- T-Mobile Acknowledges Breach of Customer Data, Launches Probe
- Your brain’s unique response to words can reveal your identity
- Update: WebMail Degradation February 8, 2016
- Why Hackers Are in Such High Demand, and How They’re Affecting Business Culture
- Attacks, disruption, destruction top concerns for NSA chief
- Why Word "macro malware" is back, and what you can do about it…
- Medibank Confirms Data Breach Impacts 9.7 Million Customers
- IsoHunt raises a sunken Pirate Bay