Phishing

Spreading Malware

Cisco Links Remote Access Tool Remcos to Cybercriminal Underground

Questions are being raised about whether remote-access and testing tools from a mysterious company called Breaking Security are made and sold by cyber criminals, after the tools have been widely adopted as a turnkey solution for setting up and running botnets, according to Cisco Talos.

‘Olympic Destroyer’ resurfaces; targets financial organizations, chemical-threat-prevention labs

The Olympic Destroyer malware behind an attack on the 2018 Winter Olympic Games in Seoul resurfaced with new targets in its sites: financial organizations and biological and chemical threat prevention laboratories, according to new research from Kaspersky Lab.

Opinion: Don’t Be Blinded by APTs

In this industry perspective, Thomas Hofmann of Flashpoint says that sensational coverage of advanced persistent threat (APT) actors does little to help small and mid sized firms defend their IT environments from more common threats like cyber criminals. The key to getting cyber defense right is understanding the risks to your firm and prioritizing investments to protect critical IT assets.

Russia Cozy Bear CrowdStrike

FBI, DHS warn Russian Dragonfly Group Still Targeting US Critical Infrastructure

The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors. 

Vietnamese Soldier

Report details mass digital surveillance, attacks on ASEAN linked to Vietnamese APT group

The security firm Volexity reported on Monday that it uncovered a massive campaign of digital surveillance and web-based attacks directed at ASEAN and other civil society groups in Vietnam, Cambodia and other countries, including ASEAN, the Association of Southeast Asian Nations. Volexity researchers discovered malicious code lurking on main website for ASEAN and more than 80 other websites, many belonging to small media, human rights and civil society organizations, as well as individuals who had been critical of the Vietnamese government. The malicious code allowed the hacking group, dubbed OceanLotus, to track, profile and target visitors to the websites, Volexity said. The scope of the campaign was one of the largest the researchers have ever come across, rivaling the so-called “Waterbug” campaign of phishing and watering hole attacks that was described by the security firm Symantec in 2016. Links to Vietnam OceanLotus is believed to be an Advanced Persistent Threat (or […]