DNC hackers using NATO cyber conference to find phishing targets, researchers find

Security researchers recently found evidence that the same infamous hacking group responsible for last year’s breach at the Democratic National Committee was attempting to spy on people interested in an upcoming D.C.-based cybersecurity conference, according to Cisco’s Talos research team. In a blog post published Sunday, Talos noted that Group 74, otherwise known as APT28 or Fancy Bear, recently sent a wave of spear-phishing emails carrying malware-laden Microsoft Word attachments. These malicious emails contained information regarding a conference known as CyCon that’s taking place in early November. The event is produced by the U.S. Army Cyber Institute in collaboration with NATO. The conference often features top leaders from both the U.S. government and other allied nations who help guide cybersecurity-relevant policy and missions. “This attack is another example of sophisticated social engineering undertaken by the bad guys in order to trick their intended victims into opening malicious […]

The post DNC hackers using NATO cyber conference to find phishing targets, researchers find appeared first on Cyberscoop.


Research claims CCleaner attack carried out by Chinese-linked group

Security researchers increasingly believe that an elite Chinese hacking group broke into British software maker Piriform to booby-trap the popular file-cleaning program CCleaner, according to research and private analysis provided to CyberScoop. New research published Monday by Israeli cybersecurity startup Intezer Labs, authored by senior security researcher Jay Rosenberg, adds support to the conclusion that Chinese hackers tried to gain access to a small number of multinational telecommunications and technology companies.

“Check out my latest blog post on the stage 2 payload of the #ccleaner attack! Special thanks to @TalosSecurity and @kaspersky https://t.co/YgYjfE3Jo3” — Jay Rosenberg (@jaytezer), October 2, 2017

Although attributing a data breach to a specific hacker group remains an imperfect science, recently uncovered evidence contains technical indicators that overlap with those used by an advanced persistent threat (APT) group codenamed Axiom Group, security researchers at multiple cybersecurity firms told CyberScoop. In addition to Intezer Labs’ analysis, […]

The post Research claims CCleaner attack carried out by Chinese-linked group appeared first on Cyberscoop.


CCleaner attack was focused on stealing data from top level tech firms

A highly advanced hacking group infected more than 2 million computers with a backdoor implant in order to reach only a select few companies and steal their trade secrets and intellectual property, according to analysis provided to CyberScoop and new findings published by cybersecurity firms Cisco and the affected vendor, Avast. Researchers believe the hacking group may be an advanced persistent threat (APT) tied to China, although the early evidence is inconclusive. An investigation is ongoing between Avast, its subsidiary Piriform and the FBI. If the operation was in fact backed by Beijing, it would likely violate a 2015 agreement between the U.S. and China that halted economic espionage between the two countries. Accurate attribution at this stage of the probe remains difficult, experts say. “The attack was targeting select large technology and telecommunication companies in Japan, Taiwan, UK, Germany and the U.S.,” Avast chief technology officer Ondřej Vlček wrote […]

The post CCleaner attack was focused on stealing data from top level tech firms appeared first on Cyberscoop.


Microsoft Won’t Fix Security Bypass Vulnerability in Edge

Microsoft is opting to stand pat and not fix a content security bypass vulnerability in its Edge browser, something researchers warn could potentially lead to the disclosure of confidential information.

Energy, Nuclear Targeted with Template Injection Attacks

Adversaries are using the SMB communications channel to launch template injection attacks against the energy sector, including nuclear facilities.

Fileless Malware Campaigns Tied to Same Attacker

Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.