SVB account holders targeted with phishing, scams

After news broke late last week about Silicon Valley Bank’s bank run and collapse, security researchers started warning SVB account holders about incoming SVB-related scams and phishing attempts. Another reminder: just because caller ID says FDIC… Continue reading SVB account holders targeted with phishing, scams

Navigating the ever-changing landscape of digital security solutions

Recently, Entrust named Bhagwat Swaroop as President, Digital Security Solutions. In this role, Bhagwat will lead the evolution, growth, and expansion of the Entrust Digital Security portfolio, which includes solutions for data encryption, public and p… Continue reading Navigating the ever-changing landscape of digital security solutions

Chinese-linked hackers targeted U.S. state legislature, researchers say

Researchers with Symantec said the group that it has tracked for years has recently targeted government networks in the U.S. and Middle East.

The post Chinese-linked hackers targeted U.S. state legislature, researchers say appeared first on CyberScoop.

Continue reading Chinese-linked hackers targeted U.S. state legislature, researchers say

To encrypt or to destroy? Ransomware affiliates plan to try the latter

Ransomware gangs are planning on trying out a new tactic, and it involves the destruction of the victims’ data. Targeting the data Researchers from Symantec, Cyderes and Stairwell have recently analyzed a new version of the Exmatter data exfiltra… Continue reading To encrypt or to destroy? Ransomware affiliates plan to try the latter

Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

A coalition of cybersecurity and technology leaders announced an open-source effort to break down data silos that impede security teams. The Open Cybersecurity Schema Framework (OCSF) project, revealed at Black Hat USA 2022, will help organizations det… Continue reading Open Cybersecurity Schema Framework project helps organizations detect and defend from cyberattacks

‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators

A backdoor in use as recently as November 2021 is the “most advanced piece of malware” ever seen from China-linked spies, according to researchers at Symantec. The cybersecurity company said Monday that the backdoor, dubbed Daxin, is part of “a long-running espionage campaign against select governments and other critical infrastructure targets,” most of them being of strategic interest to China. The malware “appears to be optimized for use against hardened targets, allowing the attackers to burrow deep into a target’s network and exfiltrate data without raising suspicions,” the researchers said. “This isn’t really comparable to any other strains of China-linked malware in our opinion. It’s on another level,” Dick O’Brien, principal editor for the Symantec Threat Intelligence Team, told CyberScoop. “It would be near the same level as malware we’ve seen attributed to Western powers, but maybe not as well put together.” Symantec, part of Broadcomm Software, said it worked […]

The post ‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators appeared first on CyberScoop.

Continue reading ‘Most advanced’ China-linked backdoor ever, Daxin, raises alarms for cyber-espionage investigators

Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink

This Thursday morning, Russia started its invasion on Ukraine and, As predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks: Renewed DDoS attacks have been launched against websites Ukrainian government agenci… Continue reading Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops Blink

Another round of ‘wiper’ malware appears in Ukrainian networks

Security researchers detected new destructive malware spreading in Ukraine on Wednesday, following evidence of distributed denial-of-service disruptions for government agencies — both of which overlapped with the beginnings of a Russian invasion. ESET said the data-wiping malware was “installed on hundreds of machines in the country,” and there were signs that the attackers had been preparing for almost two months. Silas Cutler, principle reverse engineer and resident hacker at Stairwell, said that the wiper damages a system’s master boot record, which tells a machine how to start up. That’s similar to malware known as WhisperGate that was used in an attack in January in Ukraine. Symantec, too, observed the wiper in action, and confirmed to CyberScoop that it has seen it in Latvia as well. Juan-Andres Guerrero-Saade, principal threat researcher at SentinelOne, said the wiper appeared to be more dangerous than the malware uncovered in January. None of the researchers […]

The post Another round of ‘wiper’ malware appears in Ukrainian networks appeared first on CyberScoop.

Continue reading Another round of ‘wiper’ malware appears in Ukrainian networks

Researchers detail Russia-linked group’s cyber-espionage tactics in Ukraine

Researchers at Symantec say they have identified some of the specific tactics used by a Russia-linked hacking operation that Ukraine’s government outed in November of last year. The cyber-espionage group, commonly labeled as Gamaredon or Armageddon, is known for using phishing emails to try to install remote access tools on victims’ computers, with the goal of exfiltrating data. Symantec’s Threat Hunter Team published a blog post Monday explaining how the spies used infected Microsoft Word attachments in mid-2021 to implant backdoor files allowing for the delivery of more malware. The researchers don’t specify who was targeted in their case study. The goal is to highlight the tactics, techniques and procedures (TTP) in question, especially if the Russia-Ukraine conflict boils over in the coming weeks, they say. “We do not expect to see reemergence of these TTPs until just prior or during active conflict,” the team told CyberScoop. As tensions between […]

The post Researchers detail Russia-linked group’s cyber-espionage tactics in Ukraine appeared first on CyberScoop.

Continue reading Researchers detail Russia-linked group’s cyber-espionage tactics in Ukraine