Chinese hackers posed as Iranians to breach Israeli targets, FireEye says

Suspected Chinese spies masqueraded as Iranian hackers in a two-year campaign to break into government and telecommunication networks in Israel, security firm FireEye said Tuesday. The alleged Chinese intruders used a hacking tool previously associated with Iranian operatives, and embedded some of their malicious code with Farsi, the predominant language in Iran. It was part of a broader campaign to gather intelligence at organizations in other Middle East and Central Asian countries that has continued this year, according to FireEye. The findings show how spies plant digital evidence in an effort to throw off investigators in the high-stakes world of espionage. The revelations come amid a period of heightened scrutiny of Chinese cyber activity: The U.S. and its European allies in July condemned China’s alleged exploitation of Microsoft software and said that it enabled ransomware attacks. John Hultquist, vice president of threat intelligence at Mandiant FireEye, said the targeting at […]

Looking at Big Threats Using Code Similarity. Part 1

Today, we are announcing the release of KTAE, the Kaspersky Threat Attribution Engine. This code attribution technology, developed initially for internal use by the Kaspersky Global Research and Analysis Team, is now being made available to a wider audience.

DEF CON 2019: MacOS Gets a Malware Beatdown in Attack Demo

Patrick Wardle proves that signature-based anti-malware protection on Macs is woefully inadequate when fending off modern attacks.

APT review of the year

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on.

Kaspersky Security Bulletin 2018. Top security stories

All too often, both rely on manipulating human psychology as a way of compromising entire systems or individual computers. Increasingly, the devices targeted also include those that we don’t consider to be computers – from children’s toys to security cameras. Here is our annual round-up of major incidents and key trends from 2018.

Kaspersky Security Bulletin: Threat Predictions for 2019

Asking the most intelligent people I know, and basing our scenario on APT attacks because they traditionally show the most innovation when it comes to breaking security, here are our main ‘predictions’ of what might happen in the next few months.

Olympic Destroyer Returns with Improved Arsenal

The hacker group that attacked the 2018 Winter Olympic Games IT infrastructure is still active and has recently been observed attacking organizations with an improved malware strain. The infrastructure at the Winter Olympic Games in Pyeongchang, South…

Cisco Talos’ Craig Williams on the hunt for bugs and abnormal behavior

Look at some of the biggest cybersecurity incidents in the last year and one threat intelligence organization tends to pop up: Talos. Researchers from Talos, a division of networking giant Cisco, have helped expose VPNFilter, the massive botnet that loomed over Ukraine, and tracked cybercriminals who have used mobile device management servers to distribute malware. On the sidelines of the Black Hat and DEF CON conferences in Las Vegas this month, CyberScoop sat down with Craig Williams, Talos’s director of outreach, to get his take on some of these high-profile threats and how he approaches the craft of investigating malware campaigns. Like most other threat intelligence units, Talos has to manage a critical relationship with law enforcement, deciding when to loop in the public sector as it comes across all different kinds of attacks. Williams provides some insight into how Talos handles these interactions, which can often be as complex as the malware he pores over daily. This conversation […]
