In-brief: analysis of the latest leak of sophisticated hacking tools by The Shadow Brokers suggests that the theft was an inside job, the security firm Flashpoint contends.
Tag: critical infrastructure
Home Routers Under Attack via Malvertising | Proofpoint
The security firm Proofpoint is writing about a new and “improved” version of DNSChanger, an exploit kit that attacks home routers in order to serve malicious advertisements to anyone connecting through the Internet using that router. From the Proofpoint analysis: Since the end of October, we have seen an improved version of the “DNSChanger EK” [1] used in ongoing malvertising campaigns. DNSChanger attacks internet routers via potential victims’ web browsers; the EK does not rely on browser or device vulnerabilities but rather vulnerabilities in the victims’ home or small office (SOHO) routers. Most often, DNSChanger works through the Chrome browser on Windows desktops and Android devices. However, once routers are compromised, all users connecting to the router, regardless of their operating system or browser, are vulnerable to attack and further malvertising.The router attacks appear to happen in waves that are likely associated with ongoing malvertising campaigns lasting several days. Attack […]
Don’t Be The DNC: An Introduction to Enterprise Threat Hunting
In-brief: The New York Times expose on the hack of the Democratic National Committee is a case study in how not to respond to a cyber attack. In this video interview with Tim Bandos of Digital Guardian, we talk about how to do it right. His new ebook on hunting digital threats in the enterprise explains that incident response doesn’t have to cost a fortune.
Bad Neighborhoods Predict Which Computers Turn To Crime, Also
In-brief: The ‘bad neighborhoods’ effect applies to bots, too, according to the firm Recorded Future, which says that it can identify computers that are likely to be involved in botnets, even before they are, based on their neighborhood.
Hackers in Asia Target Manufacturing Secrets from ThyssenKrupp | Reuters
In-brief: Reuters reports that an attack on the German steel giant ThyssenKrupp had origins in asia and targeted steel manufacturing secrets.
