Researchers Developed Artificial Intelligence-Powered Stealthy Malware

Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stopping cyber attacks before they affect any organization.

However, the same technology can also be weaponized by threat actors to p…

DHS cyber specialist: look for behavior patterns with APTs

To better track advanced hacking groups, U.S.-based companies should watch for signals in human behavior instead of changing tactics, according to Casey Kahsen, an IT specialist at the Department of Homeland Security. From one campaign to another, there are “a lot of similarities” in the behavior of a Russian government hacking group that has targeted U.S. energy companies, Kahsen said Friday at a cybersecurity event on Capitol Hill. “Some things have changed, but the behavior element remains largely the same because that’s expensive to change,” he said. “The actors are going to change tactics; they’re going to change tools,” Kahsen explained at the event, hosted by the Lexington Institute. “We need to be looking for the things that they did that are more difficult to change – the human behavior element.” The human behavior that Kahsen referenced typically includes a group’s hours of operations or coding style, which cybersecurity experts say […]

The post DHS cyber specialist: look for behavior patterns with APTs appeared first on Cyberscoop.


A New Paradigm For Cyber Threat Hunting

It’s no secret that expecting security controls to block every infection vector is unrealistic. For most organizations, the chances are very high that threats have already penetrated their defenses and are lurking in their network.

Pinpointing such th…

Kaspersky uncovers sophisticated cyber-espionage operation across Africa and Middle East

Researchers have uncovered new malware that has apparently been used to spy on victims in the Middle East and Africa for six years undetected. A Friday report from Moscow-based Kaspersky Lab details how a threat it’s calling “Slingshot” has been infecting victims, collecting a wide variety of data and exfiltrating it in a covert fashion. The company says the threat is likely the work of a resource-rich government. “Slingshot is very complex and the developers behind it have clearly spent a great deal of time and money on its creation. Its infection vector is remarkable – and, to the best of our knowledge, unique,” the researchers write. Kaspersky says the APT has been active as far back as 2012 and was still active as of their analysis in February this year. Slingshot is apparently so sophisticated that Kaspersky has labeled it an advanced persistent threat (APT). The researchers say that Slingshot’s infection vector […]

The post Kaspersky uncovers sophisticated cyber-espionage operation across Africa and Middle East appeared first on Cyberscoop.


Mobile Bootloaders From Top Manufacturers Found Vulnerable to Persistent Threats

Security researchers have discovered several severe zero-day vulnerabilities in the mobile bootloaders from at least four popular device manufacturers that could allow an attacker to gain persistent root access on the device.

A team of nine security r…

Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity

Attackers behind APT campaigns have kept busy in Q2 2017, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines.


Platinum APT First to Abuse Intel Chip Management Feature

Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.

Criminals getting closer to State Actors

A few years ago, we saw a clear difference between state actors and criminals when looking at the technologies and procedures they applied in attacking an environment. Over time we have seen these two groups coming closer together. In the meantime, criminals seem to have caught up. They started to use more sophisticated and targeted malware and…