Phishing

Focusing on advanced persistent threats can blind organizations to more likely and equally dangerous adversaries, according to Thomas Hofmann of Flashpoint.

Opinion: Don’t Be Blinded by APTs

In this industry perspective, Thomas Hofmann of Flashpoint says that sensational coverage of advanced persistent threat (APT) actors does little to help small and mid sized firms defend their IT environments from more common threats like cyber criminals. The key to getting cyber defense right is understanding the risks to your firm and prioritizing investments to protect critical IT assets.

OceanLotus, an advanced threat group believed to be operating out of Vietnam, is alleged to have targeted ASEAN and other civil society groups.

Report details mass digital surveillance, attacks on ASEAN linked to Vietnamese APT group

The security firm Volexity reported on Monday that it uncovered a massive campaign of digital surveillance and web-based attacks directed at ASEAN and other civil society groups in Vietnam, Cambodia and other countries, including ASEAN, the Association of Southeast Asian Nations. Volexity researchers discovered malicious code lurking on main website for ASEAN and more than 80 other websites, many belonging to small media, human rights and civil society organizations, as well as individuals who had been critical of the Vietnamese government. The malicious code allowed the hacking group, dubbed OceanLotus, to track, profile and target visitors to the websites, Volexity said. The scope of the campaign was one of the largest the researchers have ever come across, rivaling the so-called “Waterbug” campaign of phishing and watering hole attacks that was described by the security firm Symantec in 2016. Links to Vietnam OceanLotus is believed to be an Advanced Persistent Threat (or […]

Repair shops for televisions and other appliances have largely disappeared in recent decades. A lack of after market parts and tools is one big reason says Kyle Wiens of Repair.org.

A Right to Repair the Internet of Things? Spear Phishing Detection and Nonstop Attacks on DVRs

Podcast: Play in new window | Download (9.7MB)Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | RSS | https://www.securityledger.com/subscribeIn-brief: In the latest Security Ledger podcast we talk about pending right to repair laws and their impact on the Internet of Things. Also:  Facebook’s Internet Defense Prize went to a better method for spear phishing detection. We talk to a member of the winning team. And, Johannes Ullrich of The Internet Storm Center joins us to talk about a study he did to measure the frequency of attacks on a common IoT device: digital video recorders.