Booz Allen’s Dark Labs Advanced Threat Hunt team has developed an advanced technique to discover and block new variants of malware that poses a threat to organizations worldwide. Using an open source indicator of compromise (IOC), the research team was able to identify three additional variants of malware associated with APT34, a group thought to be involved in nation-state cyber-espionage, according to a technical brief from Booz Allen. The report describes how the team used a combination of open-source reporting and “acquired sources of threat intelligence,” then combined this information with its own tools to perform deep analysis on known APT34 behaviors. “The life cycle of an openly reported IOC does not end when an operator deploys the indicator to a sensor, or a threat hunter checks their security information and event manager (SIEM),” said the report’s authors, Chad Gray and Will Farrell. “Merging the IOC with internal or external […]
The post Cybersecurity researchers identify new variants of APT34 malware appeared first on Cyberscoop.
Continue reading Cybersecurity researchers identify new variants of APT34 malware→