Collaborate Disseminate
FortiGuard Labs’ Derek Manky talks about how threat playbooks can equip defense teams with the tools they need to fight back against evolving attacker TTPs. Continue reading Simplifying Proactive Defense With Threat Playbooks
A strain of ransomware designed to disrupt computers’ booting processes hit government-run organizations in the Middle East and North Africa in July, researchers said Friday, in the latest example of data-wiping tools being aimed at key organizations in the region. The ransomware attacks used Thanos, a type of malware that surfaced earlier this year and has gained traction on underground forums, according to analysts at Palo Alto Networks. In an increasingly popular tactic among ransomware gangs, Thanos is sold “as a service” to other hackers interested in deploying it. That can make the attacks harder to trace, and allow users to develop their own custom features. The motives behind the attacks are mysterious. A hacker interested in getting paid typically doesn’t disrupt a machine to make it harder for a victim to hand over the ransom. Yet that’s exactly what the perpetrators of the July attacks attempted to do: Their […]
The post Ransomware hits two state-run organizations in the Middle East and North Africa appeared first on CyberScoop.
Continue reading Ransomware hits two state-run organizations in the Middle East and North Africa
via the respected information security capabilities of Robert M. Lee & the superlative illustration talents of Jeff Haas at Little Bobby Comics.
Permalink
The post Robert M. Lee’s & Jeff Haas’ Little … Continue reading Robert M. Lee’s & Jeff Haas’ Little Bobby Comics – ‘WEEK 104’ (From The Archive)
Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about "several hints suggesting a possible link" to the Lazarus group (aka North Korea), but that’s by no means definite. As part of the initial compromise phase, the Operation In(ter)ception attackers had created fake LinkedIn accounts posing as HR representatives of well-known companies… Continue reading Nation-State Espionage Campaigns against Middle East Defense Contractors
Ben Buchanan has written "A National Security Research Agenda for Cybersecurity and Artificial Intelligence." It’s really good — well worth reading…. Continue reading AI and Cybersecurity
The Wall Street Journal has a story about how two people were identified as the perpetrators of a ransomware scheme. They were found because — as generally happens — they made mistakes covering their tracks. They were investigated because they had the bad luck of locking up Washington, DC’s video surveillance cameras a week before the 2017 inauguration. EDITED TO… Continue reading Identifying and Arresting Ransomware Criminals
Interesting details on Olympic Destroyer, the nation-state cyberattack against the 2018 Winter Olympic Games in South Korea. Wired’s Andy Greenberg presents evidence that the perpetrator was Russia, and not North Korea or China…. Continue reading Details of the Olympic Destroyer APT
Kaspersky has a detailed blog post about a new piece of sophisticated malware that it’s calling Reductor. The malware is able to compromise TLS traffic by infecting the computer with hacked TLS engine substituted on the fly, "marking" infected … Continue reading New Reductor Nation-State Malware Compromises TLS
Kaspersky has a detailed blog post about a new piece of sophisticated malware that it’s calling Reductor. The malware is able to compromise TLS traffic by infecting the computer with hacked TLS engine substituted on the fly, "marking" infected TLS handshakes by compromising the underlining random-number generator, and adding new digital certificates. The result is that the attacker can identify,… Continue reading New Reductor Nation-State Malware Compromises TLS
Microsoft and the Hewlett Foundation are preparing to launch a nonprofit organization dedicated to exposing the details of harmful cyberattacks and providing assistance to victims in an effort to highlight their costs, CyberScoop has learned. Known to its organizers as the “Cyber Peace Institute,” the nonprofit is expected to debut in the coming weeks, according to multiple sources who have discussed it with the organizers. The institute aims to investigate and provide analytical information on large-scale attacks against civilian targets, assess the costs of these attacks and give security tools to both individuals and organizations that will help them become more resilient, according to a description of the nonprofit provided during a session at the 2019 B-Sides Las Vegas cybersecurity conference. “We have a shared global responsibility to prevent the Internet from becoming ‘weaponized’ by increasing attacks by criminal groups and state actors alike,” the description reads. “We already have global organizations to tackle […]
The post Microsoft, Hewlett Foundation preparing to launch nonprofit that calls out cyberattacks appeared first on CyberScoop.