Articles about apt

silence

Hackers tiptoe out, launch Silence trojan, quietly raid banks of meeelllions

Cybercrooks are directly attacking banks in multiple countries using a trojan dubbed Silence. At least 10 financial organisations in multiple regions including Russia, Armenia, and Malaysia have been targeted by the so-called Silence crew in a series of ongoing attacks. While stealing funds from its victims, Silence runs …
John Leyden, 2 Nov 2017
malware_security_648

Hackers abusing digital certs smuggle malware past security scanners

Malware writers are widely abusing stolen digital code-signing certificates, according to new research. Malware that is signed with compromised certificates creates a means for hackers to bypass system protection mechanisms based on code signing. The tactic extends far beyond high profile cyber-spying ops, such as the Stuxnet …
John Leyden, 1 Nov 2017
Image by Dr Flash http://www.shutterstock.com/gallery-182053p1.html

Bootkit ransomware baddy hops down BadRabbit hole in Japan

A new strain of ransomware is apparently being used for targeted attacks in Japan. MBR-ONI, a new bootkit ransomware, relies on modified version of a legitimate open-source disk encryption utility called DiskCryptor for its encryption routines – the same tool abused by the Bad Rabbit ransomware last week. While ONI and the …
John Leyden, 31 Oct 2017
bouncer

Mil-spec infosec spinout Cryptonite reveals its network-scrambling tech

Security startup Cryptonite dropped out of stealth ​late last week with a micro-segmentation-based technology designed to prevent​ ​hacker​ ​reconnaissance​ ​and​ ​lateral​ ​movement. CryptoniteNXT​, the firm's network​ ​appliance​, sits between an organisation's perimeter firewall and internal networks, blocking​ ​malicious …
John Leyden, 30 Oct 2017

UK.gov joins Microsoft in fingering North Korea for WannaCry

The UK government has joined Microsoft in blaming North Korea for the WannaCry ransomware attack. Security minister Ben Wallace appeared on BBC Radio4's flagship Today programme on Friday morning to blame North Korea for the infamous ransomware attack that disrupted the operation of one in three NHS Trusts in England as well …
John Leyden, 27 Oct 2017

'We've nothing to hide': Kaspersky Lab offers to open up source code

Russian cybersecurity software flinger Kaspersky Lab has offered to open up its source code for third-party review. The firm's Global Transparency Initiative is in response to moves to ban the use of its technology on US government systems by the Department of Homeland Security over concerns of alleged ties with the Russian …
John Leyden, 23 Oct 2017

Brit intel fingers Iran for brute-force attacks on UK.gov email accounts

Iran has been blamed for the brute-force attack on UK Parliament earlier this year. An unpublished assessment by British intelligence obtained by The Times fingers Iran for the high-profile hack. The revelation comes as the US president has refused to continue signing off the 2015 Iran nuclear deal, to which the UK is a party …
John Leyden, 16 Oct 2017

North Korean hackers allegedly probing US utilities for weaknesses

Hackers believed to be from North Korea are casing out US electric companies in preparation for a possible cyber attack – so says security firm FireEye. "FireEye devices detected and stopped spear phishing emails sent on Sept. 22, 2017, to US electric companies by known cyber threat actors likely affiliated with the North …
John Leyden, 11 Oct 2017
PHP, image via Shutterstock

Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster

VB2017 Avast staffers spoke at the Virus Bulletin International Conference in Madrid, Spain, on Thursday to shed more light on their postmortem of the CCleaner fiasco – and urge developers to protect their software's toolchain and distribution systems from hackers. The widely used utility, which removes unwanted temporary files and …
John Leyden, 6 Oct 2017
spies_648

Spy vs spy vs hacker vs... who is THAT? Everyone's hacking each other

VB2017 Intel agencies and top-tier hackers are actively hacking other hackers in order to steal victim data, borrow tools and techniques, and reuse each other's infrastructure, attendees at Virus Bulletin Con, Madrid, were told yesterday. The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly …
John Leyden, 5 Oct 2017
password

Och. Scottish Parliament under siege from brute-force cyber attack

Hackers are trying to break into Scottish Parliament email accounts weeks after similar campaigns against Westminster. MSPs and Holyrood staff were warned on Tuesday that as-yet unidentified hackers were running "brute-force" attacks on systems in the devolved assembly, The Guardian reports. Similar attacks on Westminster back …
John Leyden, 16 Aug 2017

APT-style attack against over 4,000 infrastructure firms blamed on lone Nigerian 20-something

A seemingly state-sponsored cyberattack aimed at more than 4,000 infrastructure companies has been blamed on a lone Nigerian cybercriminal. The campaign started in April 2017, and has targeted some of the largest international organisations in the oil, gas, manufacturing, banking and construction industries. The global scale …
John Leyden, 15 Aug 2017
Hotel staff

Kremlin's hackers 'wield stolen NSA exploit to spy on hotel guests in Europe, Mid East'

Russian hackers accused of ransacking the US Democratic party's servers last year may now be targeting hotels in Europe and the Middle East, it is claimed. Miscreants are using various techniques, including the leaked NSA EternalBlue exploit also wielded by the WannaCry malware, to hack into laptops and other devices used by …
John Leyden, 12 Aug 2017

Should you stay awake at night worrying about hackers on the grid?

Analysis The energy sector across multiple Western countries is under intensified assault by hackers. Security experts warn that industrial systems are wide open to potential exploit once hackers secure a foothold, the most difficult part of the hacking process, using targeted phishing or similar tactics. The UK's government lead cyber …
John Leyden, 28 Jul 2017
Cat attacking

Crappy hacker crew fingered for Bundestag snooping operation

Security researchers have lifted the lid on a new cyber-espionage crew that has targeted the German Bundestag and Turkish diplomats. CopyKittens has attacked government, security and academic institutions, websites in Germany and Turkey, as well as United Nations employees and organisations in Saudi Arabia, Israel and Jordan …
John Leyden, 25 Jul 2017

Huge ransomware outbreak spreads in Ukraine and beyond

Updated A huge ‪ransomware‬ outbreak has hit major banks, utilities and telcos in Ukraine as well as victims in other countries. Check out our full analysis of the software nasty, here. Early analysis of the attack points towards a variant of the known Petya ransomware, a strain of malware that encrypts the filesystem tables and …
John Leyden, 27 Jun 2017
Big Ben and Underground sign. Pic: Crown copyright/MoD

UK Parliament hack: Really, a brute-force attack? Really?

Comment Just under 90 Parliamentary email accounts were compromised by a brute force attack on the parliamentary network over the weekend. And there is a long-established technology which can normally see off this kind of attack. Two factor authentication (2FA) technology has been ubiquitous among enterprises as an verification …
John Leyden, 26 Jun 2017

US Secretary of State: Я буду работать с Россией по вопросам кибербезопасности

Analysis US Secretary of State Rex Tillerson has expressed a willingness to work directly with Russia on cybersecurity and other issues. The proposed partnership is surprising, given the continued controversy over allegations that the Russians interfered with last year's US presidential election – a serious accusation at the center of …
John Leyden, 23 Jun 2017

Create a news alert about apt, or find more stories about apt.

Biting the hand that feeds IT © 1998–2017