TTPs – Page 2 – WindowsTechs.com

APT10 Targeting Japanese Corporations Using Updated TTPs

Posted on September 13, 2018 by Threat Research Blog

Introduction
In July 2018, FireEye devices detected and blocked what appears to
be APT10 (Menupass) activity targeting the Japanese media sector.
APT10 is a Chinese cyber espionage group that FireEye has tracked
since 2009, and they have a histor… Continue reading APT10 Targeting Japanese Corporations Using Updated TTPs→

DHS cyber specialist: look for behavior patterns with APTs

Posted on June 11, 2018 by Sean Lyngaas

To better track advanced hacking groups, U.S.-based companies should watch for signals in human behavior instead of changing tactics, according to Casey Kahsen, an IT specialist at the Department of Homeland Security. From one campaign to another, there are “a lot of similarities” in the behavior of a Russian government hacking group that has targeted U.S. energy companies, Kahsen said Friday at a cybersecurity event on Capitol Hill. “Some things have changed, but the behavior element remains largely the same because that’s expensive to change,” he said. “The actors are going to change tactics; they’re going to change tools,” Kahsen explained at the event, hosted by the Lexington Institute. “We need to be looking for the things that they did that are more difficult to change – the human behavior element.” The human behavior that Kahsen referenced typically includes a group’s hours of operations or coding style, which cybersecurity experts say […]

The post DHS cyber specialist: look for behavior patterns with APTs appeared first on Cyberscoop.

Continue reading DHS cyber specialist: look for behavior patterns with APTs→

SANNY Malware Delivery Method Updated in Recently Observed Attacks

Posted on March 23, 2018 by Nick Harbour

Introduction
In the third week of March 2018, through FireEye’s Dynamic Threat
Intelligence, FireEye discovered malicious macro-based Microsoft Word
documents distributing SANNY malware to multiple governments
worldwide. Each malicious docu… Continue reading SANNY Malware Delivery Method Updated in Recently Observed Attacks→

Why Eugene Kaspersky keeps talking about ‘Project Sauron’

Posted on December 1, 2017 by Chris Bing

Kaspersky Lab founder and CEO Eugene Kaspersky says he’s figured out why the U.S. government hates his company. According to Kaspersky, his company’s research into a sophisticated, international cyber espionage operation that targeted government entities in Russia, Iran and Rwanda represents why the Russian anti-virus maker has become a bogeyman for the U.S. government. This reasoning came during public comments Kaspersky made Tuesday during a small event in London. His comments are the most detailed effort among Kaspersky’s multiple attempts to defend his company from allegations the Moscow-based company acts as an intelligence collection tool for Russian spies. Kaspersky talked about his company’s discovery of U.S. intelligence related hacking operations, including those of the NSA-linked “Equation Group” and CIA-linked “Lamberts,” being the reason for the recent firestorm. He specifically emphasized the unveiling of one particular campaign — known as ProjectSauron or Strider — as a driving factor while also implying U.S. involvement with […]

The post Why Eugene Kaspersky keeps talking about ‘Project Sauron’ appeared first on Cyberscoop.

Continue reading Why Eugene Kaspersky keeps talking about ‘Project Sauron’→