Mobile WireX DDoS Botnet ‘Neutralized’ by Collaboration of Competitors

A large botnet of Android devices called WireX is responsible for large-scale application-layer DDoS attacks against businesses in the hospitality, porn and gambling industries.

Tech Firms Team Up to Take Down ‘WireX’ Android DDoS Botnet

A half dozen technology and security companies — some of them competitors — issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle ‘WireX,’ an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks.

Experts involved in the takedown warn that WireX marks the emergence of a new class of attack tools that are more challenging to defend against and thus require broader industry cooperation to defeat.

Business Email Compromise Campaign Harvesting Credentials in Numerous Industries

Flashpoint warns of a new business email compromise campaign targeting organizations in various industries with the aim of harvesting credentials.

News – Startup Security Weekly #47

ZeroFOX, Deep Instinct, Flashpoint, Symantec acquired Skycure for an undisclosed amount, RiskLens and Nok Nok Labs raised $8M series D. Startup Articles & Discussion: Five questions brands need to answer to be customer first in the digital age ==> 3 Essential (And 1 Surprising) Components Of A Successful Sales Strategy ==> knowing who isn’t a fit is […]

The post News – Startup Security Weekly #47 appeared first on Security Weekly.


Dark web intelligence firm Flashpoint raises $28M to expand operations

New York City-based Flashpoint, an intelligence firm that mines the dark web for information about hackers, today ended a $28 million Series C funding round. A new investor, Georgian Partners, took the lead. Flashpoint executives describe the company’s mission as providing cyber intelligence, referred to as business risk intelligence (BRI), that goes beyond the realm of threat detection and alert notifications. The company sells access to a digital platform that allows customers to assess cyber threats aimed at their organizations. Flashpoint’s new partnership with Georgian Partners, an equity firm focused on software and security ventures, will provide additional resources for the company to expand its product portfolio and other services. “Georgian Partners brings with it not only a significant investment into Flashpoint’s expansion … but a unique expertise in applied analytics, machine learning, and natural language processing, which will help us further mature our offerings,” said Josh Lefkowitz, CEO and […]

The post Dark web intelligence firm Flashpoint raises $28M to expand operations appeared first on Cyberscoop.


WannaCry Ransom Note Written by Chinese, English Speaking Authors

A linguistics analysis of the 28 ransom notes included with WannaCry indicates that native Chinese and English speakers wrote the original note, Flashpoint said.

Under tough surveillance, China’s cybercriminals find creative ways to chat

Think of it as hiding in plain sight. Ninety-nine percent of Chinese cybercriminals communicate over instant messenger apps like QQ and WeChat, according to research from the cybersecurity firm Flashpoint. Both apps are wildly popular in China and almost nowhere else. The apps, which are both owned and operated by the multibillion-dollar Chinese tech giant Tencent, cooperate directly and extensively with expansive government censorship and surveillance. To the outside, it would seem to be a barren and dangerous environment for coordinating criminal enterprises. That doesn’t stop the hackers, though. “You would imagine that people who are engaging in illicit activities would at least make an effort to use a platform that’s not explicitly monitored by the regime, right?” says Jon Condra, Flashpoint’s Director of East Asian Research and Analysis. To beat government surveillance, China’s cybercriminal underground deploys technical, typographic and linguistic tricks that can make tracking them increasingly difficult. In Russia, by stark contrast, Jabber reigns as the messenger […]

The post Under tough surveillance, China’s cybercriminals find creative ways to chat appeared first on Cyberscoop.


Why Jabber reigns across the Russian cybercrime underground

Much of the Russian cybercrime underworld is an enigma, but one technology serves as a crucial common link across all of it: Jabber. In a space of cutting-edge tech, creativity and crime, the 18-year-old instant messenger is the most popular communication tool among Russian-speaking cybercriminals, according to new research from the security firm Flashpoint. It’s how hackers make deals, share intelligence and offer tech support on their malware products. While it already reigns in Russian communities, Jabber is simultaneously rising in popularity for cybercriminals around the world. It’s a testament not only to the quality of the technology, but also to the influence of hacking trends set in Russia. “In the cybercriminal economy, Jabber is seen as the gold standard for communication,” Leroy Terrelonge III, a senior researcher at the security firm Flashpoint, told CyberScoop. Jabber (also known as XMPP or Extensible Messaging and Presence Protocol) is an open-source, federated instant messenger with thousands of independent servers and […]

The post Why Jabber reigns across the Russian cybercrime underground appeared first on Cyberscoop.


North Korea’s plan to cultivate an army of cybercrime masterminds

In the shadow of nuclear weapons, bank robberies tend to be forgotten. In North Korea’s case, the two are closely connected. Conventional wisdom says North Korea is an arsenal-craving backwater under the rule of despots. The regime, however, is driving toward a modern version of authoritarianism, with cyberwar capabilities complementing hydrogen bombs. While the nukes purposefully grab the world’s attention, the regime is taking unprecedented steps in the cyber domain. And it’s targeting more than just its critics. It’s been just over one year since the collective known as Lazarus Group stole $81 million from the central bank of Bangladesh in a heist that ran through the Federal Reserve Bank of New York. The theft, one of the biggest bank robberies in modern history, initially targeted $1 billion but came up well short because of a simple typo during the online bank transfer process. It’s now the subject of a federal inquiry looking into […]

The post North Korea’s plan to cultivate an army of cybercrime masterminds appeared first on Cyberscoop.


Dual-Use Software Criminal Case Not So Novel

“He built a piece of software. That tool was pirated and abused by hackers. Now the feds want him to pay for the computer crooks’ crimes.”

The above snippet is the subhead of a story published last month by the Daily Beast titled “FBI Arrests Hacker Who Hacked No One.” The subject of that piece — a 26-year-old American named Taylor Huddleston — faces felony hacking charges connected to two computer programs he authored and sold: An anti-piracy product called Net Seal, and a Remote Administration Tool (RAT) called NanoCore that he says was a benign program designed to help users remotely administer their computers.

The author of the Daily Beast story, former black hat hacker and Wired.com editor Kevin Poulsen, argues that Huddleston’s case “raises a novel question: When is a programmer criminally responsible for the actions of his users? Some experts say [the case] could have far reaching implications for developers, particularly those working on new technologies that criminals might adopt in unforeseeable ways.”

But a closer look at the government’s side of the story — as well as public postings left behind by the accused and his alleged accomplices — paints a more complex and nuanced picture that suggests this may not be the case to raise that legal question in a meaningful way.