Articles about apt


Android snoopware Skygofree can pilfer WhatsApp messages

Mobile malware strain Skygofree may be the most advanced Android-infecting nasty ever, antivirus-flinger Kaspersky Lab has warned. Active since 2014, Skygofree, named after one of the domains used in the campaign, is spread through web pages mimicking leading mobile network operators and geared towards cyber-surveillance. …
John Leyden, 16 Jan 2018

First shots at South Korea could herald malware campaign of Olympic proportions

A malware campaign has been unleashed against organisations involved with next month's Pyeongchang Winter Olympics. An email with a malicious Microsoft Word document attached was sent to a number of groups associated with the event, most of them targeting ice hockey organisations. "The attackers originally embedded an …
John Leyden, 8 Jan 2018

New Ruski hacker clan exposed: They're called MoneyTaker, and they're gonna take your money

Security researchers have lifted the lid on a gang of Russian-speaking cybercrooks, dubbed MoneyTaker. The group has conducted more than 20 successful attacks on financial institutions and legal firms in the USA, UK and Russia in the last two months alone, according to Russian incident response firm Group-IB. MoneyTaker has …
John Leyden, 11 Dec 2017

Former US State Department cyber man: We didn’t see the Russian threat coming

Black Hat Cyber threats have evolved from being solely technical issues to core issues of government policy, according to a senior US lawyer and former cyber diplomat. Chris Painter, former co-ordinator for cyber issues at the US State Department, told delegates at the Black Hat EU conference that cyber issues have emerged as a core …
John Leyden, 6 Dec 2017

Hackers tiptoe out, launch Silence trojan, quietly raid banks of meeelllions

Cybercrooks are directly attacking banks in multiple countries using a trojan dubbed Silence. At least 10 financial organisations in multiple regions including Russia, Armenia, and Malaysia have been targeted by the so-called Silence crew in a series of ongoing attacks. While stealing funds from its victims, Silence runs …
John Leyden, 2 Nov 2017

Hackers abusing digital certs smuggle malware past security scanners

Malware writers are widely abusing stolen digital code-signing certificates, according to new research. Malware that is signed with compromised certificates creates a means for hackers to bypass system protection mechanisms based on code signing. The tactic extends far beyond high profile cyber-spying ops, such as the Stuxnet …
John Leyden, 1 Nov 2017

Bootkit ransomware baddy hops down BadRabbit hole in Japan

A new strain of ransomware is apparently being used for targeted attacks in Japan. MBR-ONI, a new bootkit ransomware, relies on a modified version of a legitimate open-source disk encryption utility called DiskCryptor for its encryption routines – the same tool abused by the Bad Rabbit ransomware last week. While ONI and the …
John Leyden, 31 Oct 2017

Mil-spec infosec spinout Cryptonite reveals its network-scrambling tech

Security startup Cryptonite dropped out of stealth late last week with a micro-segmentation-based technology designed to prevent hacker reconnaissance and lateral movement. CryptoniteNXT, the firm's network appliance, sits between an organisation's perimeter firewall and internal networks, blocking malicious …
John Leyden, 30 Oct 2017

UK.gov joins Microsoft in fingering North Korea for WannaCry

The UK government has joined Microsoft in blaming North Korea for the WannaCry ransomware attack. Security minister Ben Wallace appeared on BBC Radio4's flagship Today programme on Friday morning to blame North Korea for the infamous ransomware attack that disrupted the operation of one in three NHS Trusts in England as well …
John Leyden, 27 Oct 2017

'We've nothing to hide': Kaspersky Lab offers to open up source code

Russian cybersecurity software flinger Kaspersky Lab has offered to open up its source code for third-party review. The firm's Global Transparency Initiative is in response to moves to ban the use of its technology on US government systems by the Department of Homeland Security over concerns of alleged ties with the Russian …
John Leyden, 23 Oct 2017

Brit intel fingers Iran for brute-force attacks on UK.gov email accounts

Iran has been blamed for the brute-force attack on UK Parliament earlier this year. An unpublished assessment by British intelligence obtained by The Times fingers Iran for the high-profile hack. The revelation comes as the US president has refused to continue signing off the 2015 Iran nuclear deal, to which the UK is a party …
John Leyden, 16 Oct 2017

North Korean hackers allegedly probing US utilities for weaknesses

Hackers believed to be from North Korea are casing out US electric companies in preparation for a possible cyber attack – so says security firm FireEye. "FireEye devices detected and stopped spear phishing emails sent on Sept. 22, 2017, to US electric companies by known cyber threat actors likely affiliated with the North …
John Leyden, 11 Oct 2017

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

VB2017 Avast staffers spoke at the Virus Bulletin International Conference in Madrid, Spain, on Thursday to shed more light on their postmortem of the CCleaner fiasco – and urge developers to protect their software's toolchain and distribution systems from hackers. The widely used utility, which removes unwanted temporary files and …
John Leyden, 6 Oct 2017

Spy vs spy vs hacker vs... who is THAT? Everyone's hacking each other

VB2017 Intel agencies and top-tier hackers are actively hacking other hackers in order to steal victim data, borrow tools and techniques, and reuse each other's infrastructure, attendees at Virus Bulletin Con, Madrid, were told yesterday. The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly …
John Leyden, 5 Oct 2017

Och. Scottish Parliament under siege from brute-force cyber attack

Hackers are trying to break into Scottish Parliament email accounts weeks after similar campaigns against Westminster. MSPs and Holyrood staff were warned on Tuesday that as-yet unidentified hackers were running "brute-force" attacks on systems in the devolved assembly, The Guardian reports. Similar attacks on Westminster back …
John Leyden, 16 Aug 2017

APT-style attack against over 4,000 infrastructure firms blamed on lone Nigerian 20-something

A seemingly state-sponsored cyberattack aimed at more than 4,000 infrastructure companies has been blamed on a lone Nigerian cybercriminal. The campaign started in April 2017, and has targeted some of the largest international organisations in the oil, gas, manufacturing, banking and construction industries. The global scale …
John Leyden, 15 Aug 2017

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Russian hackers accused of ransacking the US Democratic party's servers last year may now be targeting hotels in Europe and the Middle East, it is claimed. Miscreants are using various techniques, including the leaked NSA EternalBlue exploit also wielded by the WannaCry malware, to hack into laptops and other devices used by …
John Leyden, 12 Aug 2017

Should you stay awake at night worrying about hackers on the grid?

Analysis The energy sector across multiple Western countries is under intensified assault by hackers. Security experts warn that industrial systems are wide open to potential exploit once hackers secure a foothold, the most difficult part of the hacking process, using targeted phishing or similar tactics. The UK's government lead cyber …
John Leyden, 28 Jul 2017
