Global Weekly Executive Summary June 2, 2017

WannaCry Attribution: Security researchers around the world have identified clues linking the global WannaCry cyberattacks to Lazarus Group, a prolific hacking group with suspected ties to North Korea, but is the WannaCry ransomware the work of a nation-state or does it just feel that way?

Malware Found Pre-Installed on Android Phones Indicates Supply Chain Security Breakdown

Check Point Software Technologies recently detected “severe infection” in multiple models of Android devices and determined that the malware was pre-installed, indicating an issue with supply chain security of mobile devices. What Happened: Check Point, an international cybersecurity vendor, posted the results of their threat …

Data Breach of Singapore’s Ministry of Defence

Singapore’s Ministry of Defence (MINDEF) detected a data breach in their I-net system that allowed the “basic personal data” of 850 national servicemen and MINDEF employees to be stolen. What happened: The MINDEF I-net system provides internet access to computer terminals within the Ministry of …

1.5 million WordPress Sites Defaced

A security flaw has led to the defacement of more than 1.5 million WordPress sites within the last ten days. WordPress update 4.7.2, released on January 26, quietly included a security fix for a vulnerability that allowed attackers to bypass authentication and alter content on …

OAuth 2.0 Protocol Exposes 1 Billion Mobile Applications To Account Hacking

Source: https://threatpost.com/oauth-2-0-hack-exposes-1-billion-mobile-apps-to-account-hijacking/121889/, http://securityaffairs.co/wordpress/53081/hacking/oauth-2-0-attack.html (SecurityWeek, SecurityAffairs) Researchers from the Chinese University of Hong Kong discovered that many popular applications that use single sign-on (SSO) are vulnerable because they aren’t properly implementing the OAuth 2.0 protocol. This protocol is used every day by billions of users who access third-party services by …

DDoS Attacks on DYN Take Down Tech Giants: Github, Twitter, Netflix, and More

Source: “John McAfee: North Korea behind Dyn DDoS assault, larger attacks on the way”, “DYN CONFIRMS DDOS ATTACK AFFECTING TWITTER, GITHUB, MANY OTHERS” (TECHSPOT, Threatpost) On Friday, October 21, 2016, two massive Distributed Denial of Service (DDoS) attacks were targeted at the DNS provider Dyn. The attacks on …

Ghost Push Malware Still Taking a Toll on Android Devices Through Malicious Links

Source: https://threatpost.com/ghost-push-trojan-flourishing-via-malicious-links/121310/, http://www.cmcm.com/blog/en/security/2016-10-14/1031.html (Threatpost, CheetahMobile) Cheetah Mobile, a company that strives to provide a faster, simpler and safer mobile internet experience for users worldwide, says that the Ghost Push malware family is still taking a toll on Android devices nearly two years after its debut. According to researchers at …

Threat Group “Operation Ghoul” Targets Industrial Sectors Around the Globe

Source: http://www.securityweek.com/organizations-30-countries-targeted-operation-ghoul, https://threatpost.com/operation-ghoul-targeting-middle-eastern-industrial-engineering-organizations/119928/ (SecurityWeek, Threatpost) A threat group dubbed Operation Ghoul has been targeting industrial, petrochemical, naval, military, aerospace, solar energy, and other sectors. Their activities can be traced back as far as March 2015, and they have been trying to make a profit by hijacking …

ProjectSauron APT Platform Used to Spy on Government Agencies and Critical Industries

Source: https://www.helpnetsecurity.com/2016/08/09/top-level-cyber-espionage-group/, https://threatpost.com/projectsauron-apt-on-par-with-equation-flame-duqu/119725/ Kaspersky Lab and Symantec researchers have discovered an espionage group that is likely backed by a nation-state. The threat actor was previously known as Strider, but after reviewing modules from the group’s latest attacks, researchers are now calling it ProjectSauron. Evidence of the group’s activity …