CyberCrime - W/E - 2/7/20

As Tensions Rise in Middle East, Be Wary of Destructive Cyber Attacks (02/03/2020)
Symantec warned that organizations should be vigilant as political tensions in the Middle East could heighten the risk of attacks from Iranian-sponsored cyberspy groups. Attackers associated with Iran have periodically carried out highly destructive disk-wiping attacks against targets in the Middle East. The researchers say that Iranian attackers could use wipers to target critical infrastructure; attacks on telecommunications infrastructure may be conducted to disrupt service; hacktivists could deface Web sites; and distributed denial-of-service attacks could be launched on financial entities.

Cyber Miscreants Use Coronavirus to Phish for Victims (02/06/2020)
Sophos has warned that cyber thieves are using the coronavirus crisis to exploit victims with phishing scams. The phishing emails may look like they originated from a legitimate party like the World Health Organization (WHO), contain links within the messages, and ask for personal information like passwords. Many messages are riddled with spelling and grammar errors.

Hong Kong Universities Targeted by Winnti Group's Latest Campaign (02/03/2020)
ESET researchers uncovered a new campaign of the Winnti Group targeting universities in Hong Kong and using both the ShadowPad and Winnti malware. The security team discovered this campaign in November and noted that a new variant of the ShadowPad backdoor was deployed using a new launcher and embedding numerous modules. Prior to the detection of ShadowPad, the Winnti malware had already been deployed. ESET believes as many as five Hong Kong universities may have been infected by the Winnti campaign.

Pro-Russian Gamaredon APT Steps Up Cyber Attacks on Ukrainian Military (02/05/2020)
A SentinelLabs study of Gamaredon, an advanced persistent threat group associated with Russia that typically targets the Ukrainian government, has found that the adversary has ramped up the scale of its operations, attacking a larger number of victims and adapting its tools and social engineering implementation to specific targets. Gamaredon has used sophisticated cyber espionage tactics against institutions like the Hetman Petro Sahaidachnyi National Ground Forces Academy, and it has launched cyber attacks on physical infrastructure and field artillery.