A survey by Forrester and the firm Forescout finds business leaders in a state of high anxiety over the Internet of Things, as more connected devices infiltrate the workplace.
The security firm Volexity reported on Monday that it uncovered a massive campaign of digital surveillance and web-based attacks directed at ASEAN and other civil society groups in Vietnam, Cambodia and other countries, including ASEAN, the Association of Southeast Asian Nations. Volexity researchers discovered malicious code lurking on main website for ASEAN and more than 80 other websites, many belonging to small media, human rights and civil society organizations, as well as individuals who had been critical of the Vietnamese government. The malicious code allowed the hacking group, dubbed OceanLotus, to track, profile and target visitors to the websites, Volexity said. The scope of the campaign was one of the largest the researchers have ever come across, rivaling the so-called “Waterbug” campaign of phishing and watering hole attacks that was described by the security firm Symantec in 2016. Links to Vietnam OceanLotus is believed to be an Advanced Persistent Threat (or […]
In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.
Hundreds of millions of wireless devices may be affected by a flaw in WPA-2, a widely used standard for securing wireless Internet connections. (Updated to add commentary by Bob Rudis of Rapid 7.)
Research from the firm Akamai finds cyber criminals are marrying vulnerable home routers to sophisticated “fast flux” command and control tools to create long-lived, cyber criminal infrastructure.