The Logic of a Classic Advanced Persistent Threat Attack

By David Balaban
Advanced persistent threats (APTs) are increasingly targeting enterprise networks nowadays. This article highlights a recent attack against a large, well-protected Australian organization that entailed a major data breach. It’s Monday,…

Scranos Rootkit Operation Turns Global; Enterprises to Improve Security Posture

Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc witho…

New APT group TajMahal operates as a ‘full-blown spying network,’ Kaspersky says

Researchers have uncovered an advanced persistent threat that for at least five years has used an array of hacking tools and covert automatic updates as part of a hacking campaign that bears little technical similarity to any other APT. The “TajMahal” cyber-espionage group uses software backdoors, audio recorders, keyloggers, screen and webcam grabbers, cryptography key stealers and up to 80 malicious modules as part of a “full-blown spying framework,” according to research published Wednesday by Kaspersky Lab. TajMahal relies on an entirely new base of code that has no similarities to other known malware or APT techniques, helping its operators avoid detection between August 2013 and April 2018, researchers found. “Just to highlight its capabilities, TajMahal is able to steal data from a CD burnt by a victim as well as from the printer queue,” Kaspersky said in a blog post. “It also can request to steal a particular file from […]


SAS 2019: Meet ‘TajMahal,’ A New and Highly Advanced APT Framework

A highly sophisticated APT framework has been found targeting a single Central Asian diplomatic entity for years.

Anthem Agrees to $16 Million Settlement Following Compromise of 80 Million Health Records

Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost …

Lack of Specialists, Tools, Budget and Knowledge Are the Main Roadblocks for Financial Sector in 2018

The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey cond…

MSP Networks Actively Targeted by Nation-State APTs, US Government Warns

The US Department of Homeland Security Computer Emergency Readiness Team issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments …

How to Safeguard Against APT Attacks

The term “advanced persistent threat” (APT) describes a continuous series of persistent, covert cyber attacks that target specific business or political organizations. Usually created, directed and monitored by a dedicated set of hackers (an APT group…