SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2022-09-06 08:00:00	Researcher Spotlight: How Asheer Malhotra looks for \'instant gratification\' in threat hunting (lien direct)	The India native has transitioned from a reverse-engineer hobbyist to a public speaker in just a few years By Jon Munshaw. Ninety percent of Asheer Malhotra's work will never see the light of day. But it's that 10 percent that keeps him motivated to keep looking for something new. The Talos Outreach researcher spends most of his days looking into potential new threats. Many times, that leads to dead ends of threats that have already been discovered and blocked or don't have any additional threads to pull on. But eventually, the “lightbulb goes off,” as he puts it, which indicates something is a new threat the wider public needs to know about. During his time at Talos, Malhotra has spent much of his time looking into cyber attacks and state-sponsored threat actors in Asia, like the Transparent Tribe group he's written about several times. “At some point, I say 'Hey, I don't think I've seen this before.' I start analyzing public disclosures, and slowly start gaining confidence and being able to craft a narrative around the motivations and tactics around a specific threat actor or malware campaign,” he said. In the case of Transparent Tribe, Malhotra's tracked their growth as a major player in the threat landscape in Asia, as they've added several remote access trojans to their arsenal, targeted high-profile government-adjacent entities in India and expanded their scope across the region. When he's not threat hunting, Malhotra also speaks to Cisco customers about the current state of cybersecurity in briefings and delivers presentations at conferences around the world (mainly virtually during the COVID-19 pandemic). “I always try to find the latest and new stuff to talk about. … I've been honing my skills and trying to speak more confidently publicly, but the confidence is backed up with the right kind of knowledge and the threat intelligence, that's what helps me succeed,” he said. Malhotra is a native of India and spent most of his life there before coming to the U.S. for his master's degree at Mississippi State University. Mississippi was a far cry from everything else he had known up until that point, but he quickly adjusted. “That was the 'Deep South,'” he said. “So there was a culture shock, but the southern hospitality is such a real thing, and it felt very normal there.” Growing up, Malhotra always knew he wanted to work with computers, starting out as a teenager reverse-engineering exploits he'd see others talk about on the internet or just poking at smaller applications. His additional interest in politics and national security made it natural for him to combine the two and focus his research on state-sponsored actors. He enjoys continuing his research in the Indian subcontinent and sees many parallels between the state of security in India and the U.S. “Th	Ransomware Malware Threat Guideline	APT 36
	2022-07-13 16:08:15	Transparent Tribe begins targeting education sector in latest campaign (lien direct)	Cisco Talos has been tracking a new malicious campaign operated by the Transparent Tribe APT group.This campaign involves the targeting of educational institutions and students in the Indian subcontinent, a deviation from the adversary's typical focus on government entities.The attacks result in... [[ This is only the beginning! Please visit the blog for the complete entry ]]		APT 36
	2022-03-29 05:02:08	Transparent Tribe campaign uses new bespoke malware to target Indian government officials (lien direct)	By Asheer Malhotra and Justin Thattil with contributions from Kendall McKay. Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are infecting victims with CrimsonRAT, their well-known malware of choice, they are also using... [[ This is only the beginning! Please visit the blog for the complete entry ]]	Malware	APT 36
	2022-02-09 05:06:14	What\'s with the shared VBA code between Transparent Tribe and other threat actors? (lien direct)	By Vanja Svajcer and Vitor Ventura. Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans (RATs). After a hunting session in our malware sample repositories and VirusTotal while looking into... [[ This is only the beginning! Please visit the blog for the complete entry ]]	Malware Threat	APT 36
	2021-09-23 05:01:25	Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs (lien direct)	By Asheer Malhotra, Vanja Svajcer and Justin Thattil. Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe).This campaign distributes malicious documents and archives to deliver the Netwire... [[ This is only the beginning! Please visit the blog for the complete entry ]]		APT 36
	2021-07-16 07:14:51	Talos Takes Ep: #61: SideCopy sounds so familiar, but I just can\'t put my finger on it... (lien direct)	By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Asheer Malhotra of Talos Outreach has spent the past few months tracking APTs all along the same line. APT 36, aka... [[ This is only the beginning! Please visit the blog for the complete entry ]]		APT 36	★★
	2021-07-07 05:01:04	InSideCopy: How this APT continues to evolve its arsenal (lien direct)	By Asheer Malhotra and Justin Thattil. Cisco Talos is tracking an increase in SideCopy's activities targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe).SideCopy is an APT group that mimics the Sidewinder APT's infection... [[ This is only the beginning! Please visit the blog for the complete entry ]]		APT 36 APT-C-17
	2021-05-28 07:30:24	Talos Takes Ep. #55: How Transparent Tribe could evolve in the future (lien direct)	By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might they go from here? In... [[ This is only the beginning! Please visit the blog for the complete entry ]]		APT 36
	2021-05-13 05:09:57	Transparent Tribe APT expands its Windows malware arsenal (lien direct)	By Asheer Malhotra, Justin Thattil and Kendall McKay. Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations. Cisco Talos' previous research has mainly linked this... [[ This is only the beginning! Please visit the blog for the complete entry ]]	Malware	APT 36
	2021-03-02 05:49:51	ObliqueRAT returns with new campaign using hijacked websites (lien direct)	By Asheer Malhotra. Cisco Talos has observed another malware campaign that utilizes malicious Microsoft Office documents (maldocs) to spread the remote access trojan (RAT) ObliqueRAT. This campaign targets organizations in South Asia.ObliqueRAT has been linked to the Transparent Tribe APT group in the past.This campaign hides the ObliqueRAT payload in seemingly benign image files hosted on compromised websites. What's new?Cisco Talos recently discovered another new campaign distributing the... [[ This is only the beginning! Please visit the blog for the complete entry ]]	Malware	APT 36

Last update at: 2024-06-02 22:08:44
See our sources.

To see everything: Our RSS (filtrered)