Why Cyber Command’s latest warning is a win for the government’s information sharing efforts

When U.S. Cyber Command warned last week that a hacking group was using a Microsoft Outlook vulnerability previously leveraged by an Iran-linked malware campaign, it appeared to be signaling just how much the military knows about those operations. But the alert was significant in other ways: behind-the-scenes details uncovered by CyberScoop show that it is an example of how the U.S. government has built up its use of the information-sharing platform VirusTotal so the private sector gets more information sooner. Along with Cyber Command’s warning, which also was shared in a tweet, the Department of Homeland Security (DHS) released its own private warning to industry, CyberScoop has learned. The department’s traffic light protocol (TLP) alert covered the same threat that Cyber Command would eventually post to VirusTotal. In going public with the malicious files, Cyber Command appears to have revealed new information about how Iran-linked actors leveraged another malware family, known as Shamoon, as recently as 2017, according to Chronicle, which owns VirusTotal. Not only is it […]

The post Why Cyber Command’s latest warning is a win for the government’s information sharing efforts appeared first on CyberScoop.


Cyber Command’s latest VirusTotal upload has been linked to an active attack

The malware sample that U.S. Cyber Command uploaded to VirusTotal last week is still involved in active attacks, multiple security researchers tell CyberScoop. Researchers from Kaspersky Lab and ZoneAlarm, a software security company run by Check Point Technologies, tell CyberScoop they have linked the malware with APT28, the same hacking group that breached the Democratic National Committee during the 2016 election cycle. A variant of the malware is being used in ongoing attacks, hitting targets as recently as this month. The targets include Central Asian nations, as well as diplomatic and foreign affairs organizations, Kaspersky Lab’s principal security researcher Kurt Baumgartner tells CyberScoop. While ZoneAlarm can’t confirm the targets the attack is focused on, the company detected the specific malware hash in an active attack in the Czech Republic last week, Lotem Finkelsteen, ZoneAlarm’s Threat Intelligence Group Manager, tells CyberScoop. “Although we cannot confirm such an attack,” Finkelsteen said, referring to the […]

The post Cyber Command’s latest VirusTotal upload has been linked to an active attack appeared first on CyberScoop.
