New research highlights Vietnamese group’s custom hacking tools

Cybersecurity researchers have uncovered remote access tools, or backdoors, linked to an infamous Vietnamese hacking group with a history of targeting government organizations and intellectual-property-rich companies. Analysts with cybersecurity company Cylance say that while investigating a security incident last year, they found multiple custom backdoors used by the cyber-espionage outfit known as APT32 or OceanLotus Group. The hackers used command and control protocols that were tailored to their targets and that supported multiple network communication methods. “The overall design and development of these threats indicate they come from a well-funded development team,” research from Cylance published Wednesday states. “The OceanLotus Group uses an expansive amount of custom library code that can easily be repurposed for maximum effectiveness against their next target.” Tom Bonner, Cylance’s director of threat research, told CyberScoop that the “underlying code for the APT32 backdoors is highly modular,” meaning it can be repurposed by tweaking command and control protocols. APT32, […]

The post New research highlights Vietnamese group’s custom hacking tools appeared first on Cyberscoop.

Windows, MacOS, & Javascript – Application Security Weekly #12

In the news, Attacking an FTP Client: MGETting more than you bargained for, Warning: Your Windows PC can get hacked by just visiting a site, new MacOS backdoor linked to OceanLotus, & more on this episode of Application Security Weekly! Full Show …

A stolen Trump-Duterte transcript appears to be just one part of a larger hacking story

A leaked transcript of a phone conversation between President Donald Trump and his Philippine counterpart was available online for weeks before surfacing in news reports, and it now appears to be just one of a series of sensitive Philippine government documents acquired by a hacker group with suspected ties to the Vietnamese government, according to research conducted by multiple cybersecurity experts and evidence gathered by CyberScoop. On May 15, eight days before either The Intercept or the Washington Post reported about the transcript of Trump’s call with President Rodrigo Duterte, someone uploaded what appears to be the same document to the repository VirusTotal along with malicious email attachments. How The Intercept and the Post originally obtained their own copies of the Trump-Duterte transcript — which unnamed U.S. officials confirmed as authentic — remains unclear. The leak appears to be bigger than just one document. Included in the dump were notes regarding a conversation between Duterte […]

The post A stolen Trump-Duterte transcript appears to be just one part of a larger hacking story appeared first on Cyberscoop.
