In-brief: A new sophisticated cyber crime campaign dubbed “Petulant Penguin” by one research firm appears to use compromised computers at Antarctic research bases to launch targeted attacks on government agencies in the U.S. and Europe.
Tag: APT
Supply Chain Hackers Use Short List of Techniques | Trend Micro
In-brief: Trend Micro notes that supply chain attacks are on the rise, with attackers relying on a short list of techniques including compromises of source code, firmware and so-called “watering hole” attacks.
Is Google’s Rowhammer the Future of IoT Attacks?
In-brief: Infoworld’s Roger Grimes makes the case that Google’s recent Rowhammer exploit may be a sign of things to come as attackers look for common platforms to attack the Internet of Things.
Bill in U.S. House would Open Doors to Threat Intel Sharing | Reuters
In-brief: Leaders of the House of Representatives Intelligence Committee introduced the Protecting Cyber Networks Act on Tuesday. The bill would make it easier for companies to share information about attacks with each other and with the government. It also addresses concerns about omnibus spying by U.S. intelligence agencies.
Updated: Google warns of unauthorized TLS certificates trusted by almost all OSes | Ars Technica
In-brief: Google warned its users that unauthorized digital certificates have been issued for several of its domains. The certificates are linked to an intermediary certificate authority for CNNIC, which administers China’s domain name registry. Updated with comment from Kevin Bocek of Venafi. Paul 3/27/2015
