Iran-linked Threat Group Targets Government Organizations

Source: http://www.securityweek.com/iran-linked-attackers-target-government-organizations (SecurityWeek) An Iran-linked threat group that has been observed attacking organizations in Saudi Arabia has improved its malware tools and has expanded its target list to include other countries. Palo Alto Networks researchers reported observing attacks that were launched by a threat actor Continue Reading

Israeli Startup Reveals Its Platform That Provides Broad Support for ICS and OT Environments

Source: http://www.securityweek.com/claroty-emerges-stealth-promising-extreme-visibility-industrial-networks (SecurityWeek) An Israeli startup called ‘Claroty’ has emerged from stealth mode and announced its security platform, which is designed to provide ‘extreme visibility’ into Operational Technology (OT) environments to protect critical infrastructure from cyber threats. The company says it’s been able to quietly Continue Reading

Threat Group “Operation Ghoul” Targets Industrial Sectors Around the Globe

Source: http://www.securityweek.com/organizations-30-countries-targeted-operation-ghoul, https://threatpost.com/operation-ghoul-targeting-middle-eastern-industrial-engineering-organizations/119928/ (SecurityWeek, Threatpost) A threat group dubbed Operation Ghoul has been targeting industrial, petrochemical, naval, military, aerospace, solar energy, and other sectors. Their activities can be traced back as far as March 2015, where they have been trying to make a profit by hijacking Continue Reading

ProjectSauron APT Platform Used to Spy on Government Agencies and Critical Industries

Source: https://www.helpnetsecurity.com/2016/08/09/top-level-cyber-espionage-group/, https://threatpost.com/projectsauron-apt-on-par-with-equation-flame-duqu/119725/ Kaspersky Lab and Symantec researchers have discovered an espionage group that is likely backed by a nation-state. The threat actor was previously known as Strider, but after reviewing modules from the group’s latest attacks, they’re now being called ProjectSauron. Evidence of the group’s activity Continue Reading

Banking Trojan BlackMoon Steals Credentials From Over 100,000 South Koreans

Source: http://news.softpedia.com/news/blackmoon-banking-trojan-infected-over-160-000-south-koreans-506512.shtml, https://www.proofpoint.com/us/threat-insight/post/Updated-Blackmoon-Banking-Trojan BlackMoon is a banking trojan that has already infected 110,130 victims worldwide and 108,850 in South Korea. According to Fortinet, between May 10, 2016 and July 19, 2016, the criminals were able to gain an additional 62,659 new victims (61,255 of them being from Continue Reading

India-Linked Threat Actor Targets Military, Political Entities Worldwide

Source: http://www.securityweek.com/india-linked-threat-actor-targets-military-political-entities-worldwide There is a new threat actor known as Patchwork that has been targeting victims worldwide since 2014. They have infected an estimated 2,500 victims since December 2015. Researchers at Cymmetria say that the group has mainly focused on personnel working on military and political Continue Reading

ISIS Hackers Pose a Growing Threat

Source: https://threatpost.com/unskilled-pro-isis-hackers-a-growing-threat/117726/ Extra Readings: https://www.flashpoint-intel.com/home/assets/Media/Flashpoint_HackingForISIS_April2016.pdf Hackers sympathetic to ISIS pose a growing risk to the global community. They are using public lists found on the internet and publicizing them as kill lists. This very situation happened with Minnesota law enforcement, where their names, addresses, and phone numbers were Continue Reading

DDoS Attacks – Calculate the Cost and Probability

Source: https://www.helpnetsecurity.com/2016/04/04/ddos-downtime-calculator/ The DDoS mitigation market has seen growth in revenue. Earned revenues amounted to $449.5 million in 2014 and are estimated to double by 2019. Here’s a useful tool to calculate the downtime of a DDoS attack based on your company size, industry, type of Continue Reading

BitDefender Security Researchers Release Ransomware “Vaccine”

Source: https://www.grahamcluley.com/2016/03/vaccine-future-versions-locky-teslacrypt-ctb-locker-ransomware-released/?utm_source=hs_email&utm_medium=email&utm_content=27949546&_hsenc=p2ANqtz-8eHlKOq06F0rTt_9SXwt8LZHGKnTMO05prLBQjU0su8kmYX0QnnOToyz0aY4xIxMExKKFHRRDgriTF7B7mE5iREi3lOQ&_hsmi=27949546 Posted: March 31, 2016 Security researchers at BitDefender have released an update to their anti-ransomware utility that handled CryptoWall infections. Their anti-ransomware module has been placed in BitDefender 2016. Now the new ransomware utility handles all current and possibly future versions of Locky, TeslaCrypt, Continue Reading

TenCent’s QQ Browser Exposes Millions To Security and Privacy Issues

Source: https://www.helpnetsecurity.com/2016/03/29/security-privacy-issues-qq-browser/ Posted March 29, 2016 Researchers at the Citizen Lab in the University of Toronto’s Munk School of Global Affairs have found several problems related to the use of Chinese company TenCent’s QQ Mobile Browser. The QQ mobile browser is available on both Android and Continue Reading