What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2019-07-01 06:49:03 Iran-linked APT33 updates infrastructure following its public disclosure (direct link) The Iran-linked cyberespionage group APT33 has updated its infrastructure after the publication of a report detailing its activities. In March, Symantec published a report detailing the activities of Iran-linked cyberespionage group APT33 that was targeting organizations in Saudi Arabia and the United States. The APT33 group has been around since at least 2013, since mid-2016, the […] APT33 APT 33
SecurityWeek.webp 2019-06-27 14:56:04 Iranian Cyberspies Update Infrastructure Following Recent Report (direct link) The Iran-linked cyberespionage group APT33 has updated its infrastructure following a March 2019 report detailing its activities, according to researchers from Recorded Future. APT33 APT 33
SecurityAffairs.webp 2019-06-27 05:32:05 Similarities and differences between MuddyWater and APT34 (direct link) Security expert Marco Ramilli analyzed similarities and differences between the MuddyWater and APT34 cyberespionage groups. Many state sponsored groups have been identified over time, many of them have different names (since discovered by different organizations) and there is no agreed standardization on the topic but many victims and some interests look very tight together. […] APT 34
WiredThreatLevel.webp 2019-06-25 18:45:03 Fitted With Sensors, Antarctic Seals Track Water Temperatures (direct link) Scientists have outfitted an army of Antarctic pinnipeds with trackers to monitor warming oceans. APT 32
Pirate.webp 2019-06-25 11:03:01 FireEye has identified spearphishing activities conducted by the Iranian threat group APT33 (direct link) FireEye has identified spearphishing activities conducted by the Iranian threat group APT33. APT33 APT 33
SecurityAffairs.webp 2019-06-21 13:01:04 Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig (direct link) Russia-Linked cyberespionage group Turla uses a new toolset and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Russia-linked Turla cyberspies used a new set of tools in new attacks and hijacked command and control infrastructure operated by Iran-Linked OilRig APT. Recent campaigns demonstrate that Turla continues to evolve its arsenal and adopt news […] APT 34
SecurityWeek.webp 2019-06-20 18:11:01 Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group (direct link) Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group Threat APT 34
bleepingcomputer.webp 2019-06-20 12:34:02 Turla Espionage Group Hacks OilRig APT Infrastructure (direct link) Security researchers tracking activities of various nation-state cyber-espionage groups found evidence suggesting that the Turla group hijacked the infrastructure of OilRig hackers to compromise a target both actors were interested in. [...] APT 34 ★★★★★
ZDNet.webp 2019-06-20 10:00:00 Russian APT hacked Iranian APT's infrastructure back in 2017 (direct link) Turla APT hacked Iran's APT34 group and used its C&C servers to re-infect APT34 victims with its own malware. APT 34
no_ico.webp 2019-06-10 11:55:00 Report Reveals Website Security Risk For Australian & NZ Firms (direct link) New research has found 87% of SME websites using the Magento platform are currently at high risk from cyber attacks. By contrast, under 10% of websites using other major e-commerce platforms surveyed register in the same high risk category. The research, from cyber security firm Foregenix, analysed nearly 9 million websites worldwide, including 150,000 in Oceania – Australia and New … APT 32
SecurityAffairs.webp 2019-06-06 11:00:05 Analyzing the APT34's Jason project (direct link) Security expert Marco Ramilli has analyzed the recently leaked APT34 hacking tool tracked as Jason – Exchange Mail BF. Today I want to share a quick analysis on a new leaked APT34 Tool in order to track similarities between APT34 public available toolsets. This time is the APT34 Jason – Exchange Mail BF project to be leaked […] Tool APT 34
SecurityAffairs.webp 2019-06-04 13:55:05 OilRig's Jason email hacking tool leaked online (direct link) A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. A new email hacking tool associated with the Iran-linked OilRig APT group was leaked through the same Telegram channel that in April leaked the source […] Tool APT 34
bleepingcomputer.webp 2019-06-03 12:56:01 New Email Hacking Tool from OilRig APT Group Leaked Online (direct link) A tool for hijacking Microsoft Exchange email accounts allegedly used by the OilRig hacker group has been leaked online. The utility is called Jason and it is not detected by antivirus engines on VirusTotal. [...] Tool APT 34
WiredThreatLevel.webp 2019-06-02 05:58:04 Gadget Lab Podcast: An Interview With Firewire Surfboards CEO Mark Price (direct link) Listen to an interview with our guest Mark Price about how to make a surfboard without ruining the ocean. APT 32
WiredThreatLevel.webp 2019-05-22 17:00:00 Scientists Go Back in Time to Find More Troubling News About Earth's Oceans (direct link) A clever study finds communities of foraminifera, a hard-shelled kind of plankton, have transformed dramatically since the Industrial Revolution. APT 32
WiredThreatLevel.webp 2019-05-17 15:00:00 Now Ocean Plastics Could Be Killing Oxygen-Making Bacteria (direct link) The toxins that plastics leach into seawater severely affect the bacteria that provides perhaps 20 percent of Earth's oxygen. That's when things get complicated... APT 32
SecurityAffairs.webp 2019-05-14 12:48:00 North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal (direct link) The North Korea-linked APT group ScarCruft (aka APT37 and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. North Korea-linked APT group ScarCruft (aka APT37, Reaper, and Group123) continues to expand its arsenal by adding a Bluetooth Harvester. ScarCruft has been active since at least 2012, it made the headlines in early February […] Cloud APT 37
no_ico.webp 2019-05-13 18:50:03 US Government Unveils New North Korean Hacking Tool (direct link) It has been reported that yesterday the Department of Homeland Security and the FBI publicly identified a new North Korean malware capable of funnelling information from a victim’s computer network. Dubbed ElectricFish by government officials, the malware is the latest tool in North Korea’s hacking program, referred to as Hidden Cobra. The U.S. Cyber Emergency Response Team published a report warning the public … Malware Tool Medical APT 38
Kaspersky.webp 2019-05-13 16:46:00 ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks (direct link) In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT. Malware APT 37
SecurityWeek.webp 2019-05-13 15:29:00 North Korea-Linked 'ScarCruft' Adds Bluetooth Harvester to Toolkit (direct link) A North Korea-linked threat group tracked as ScarCruft, APT37 and Group123 continues to evolve and expand its toolkit, Kaspersky Lab reported on Monday. Threat Cloud APT 37
SecurityAffairs.webp 2019-05-10 13:53:03 DHS and FBI published a Malware Analysis Report on North Korea-linked tool ELECTRICFISH (direct link) The U.S. Department of Homeland Security (DHS) and the FBI published a new joint report on ELECTRICFISH, a malware used by North Korea. US DHS and the Federal Bureau of Investigation (FBI) conducted a joint analysis of a traffic tunneling tool dubbed ELECTRICFISH used by North Korea-linked APT group tracked as Hidden Cobra (aka Lazarus). It […] Malware Tool Medical APT 38
ZDNet.webp 2019-05-10 10:41:04 North Korea debuts new Electricfish malware in Hidden Cobra campaigns (direct link) The tool is used to forge covert pathways out of infected Windows PCs. Malware Tool APT 38
The_Hackers_News.webp 2019-05-10 03:04:03 North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data (direct link) The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra has actively been using in the wild. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by North Korean government and known to launch cyber attacks against media Malware Medical APT 38
bleepingcomputer.webp 2019-05-09 16:59:05 (Déjà vu) North Korean Hackers Use ELECTRICFISH Malware to Steal Data (direct link) The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a new malware strain dubbed ELECTRICFISH and used by the North-Korean APT group Lazarus to exfiltrate data from victims. [...] Malware APT 38
DarkReading.webp 2019-05-07 15:15:00 How a Chinese Nation-State Group Reverse-Engineered NSA Attack Tools (direct link) New Symantec research shows how the Buckeye group captured an exploit and backdoor used by the National Security Agency and deployed them on other victims. APT 3
SecurityAffairs.webp 2019-05-07 11:15:00 Buckeye APT group used Equation Group tools prior to ShadowBrokers leak (direct link) China-linked APT group tracked as APT3 was using a tool attributed to the NSA-linked Equation Group more than one year prior to Shadow Brokers leak. China-linked APT group tracked as APT3 (aka Buckeye, APT3, UPS Team, Gothic Panda, and TG-0110) was using a tool attributed to the NSA-linked Equation Group more than one year prior […] Tool APT 3
The_Hackers_News.webp 2019-05-07 01:41:01 Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them (direct link) In a shocking revelation, it turns out that a hacking group believed to be sponsored by Chinese intelligence had been using some of the zero-day exploits linked to the NSA's Equation Group almost a year before the mysterious Shadow Brokers group leaked them. According to a new report published by cybersecurity firm Symantec, a Chinese-linked group, which it calls Buckeye, was using the APT 3
WiredThreatLevel.webp 2019-04-28 12:00:00 Scientists Discover Nearly 200,000 Kinds of Ocean Viruses (direct link) Far more viruses appear to populate the seas than was previously thought, a discovery that could help clarify viruses' role in the global carbon cycle. APT 32
WiredThreatLevel.webp 2019-04-26 14:00:00 Exquisite Underwater Photos to Make You Love the Ocean (direct link) Christian Vizl gets up close with sharks, sea lions and more. APT 32
SentinelOne.webp 2019-04-25 18:28:33 Lazarus APT Targets Mac Users with Poisoned Word Document (direct link) Threat actors have the know-how to develop campaigns that target your weakest link. Learn how Lazarus APT took their malware to Apple's macOS platform. Malware APT 38 ★★★
MalwarebytesLabs.webp 2019-04-22 15:47:02 (Déjà vu) A week in security (April 15 – 21) (direct link) A roundup of security news from April 15–21, including an explanation of like-farming, Ellen DeGeneres scam, flaws in VPN services, funky malware formats found in Ocean Lotus, and more. Categories: Security world Week in security Malware APT 32
MalwarebytesLabs.webp 2019-04-19 18:37:05 Funky malware format found in Ocean Lotus sample (direct link) Recently, one of our researchers presented at the SAS conference on "Funky malware formats" - atypical executable formats used by malware that are only loaded by proprietary loaders. In this post, we analyze one of those formats in a sample called Ocean Lotus from the APT 32 threat group in Vietnam. Categories: Malware Threat analysis Malware Threat APT 32
no_ico.webp 2019-04-19 15:45:02 Explained – APT34 Code Leak (direct link) Hackers, going by the online name of Lab Dookhtegan, have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government. Alexander Heid, White Hat Hacker and Chief Research Officer at SecurityScorecard: “Now that these scripts are public, they will likely be leveraged by cybercriminal groups … APT 34
SecurityAffairs.webp 2019-04-19 12:07:04 Source code of tools used by OilRig APT leaked on Telegram (direct link) Lab Dookhtegan hackers leaked details about operations carried out by Iran-linked OilRig group, including source code of 6 tools. A hacker group that goes online with the name Lab Dookhtegan have disclosed details about operations conducted by the Iran-linked cyber-espionage group tracked as OilRig, APT34, and HelixKitten. OilRig is an Iran-linked APT group that has been […] APT 34
SecurityAffairs.webp 2019-04-18 20:47:05 Analyzing OilRig's malware that uses DNS Tunneling (direct link) Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. Security researchers at Palo Alto Networks reported that Iran-linked APT group OilRig is heavily leveraging on DNS tunneling for its cyber espionage campaigns, Palo Alto Networks reveals. OilRig is an Iran-linked APT group that has been […] Malware APT 34
bleepingcomputer.webp 2019-04-18 10:10:01 Hacker Group Exposes Iranian APT Operations and Members (direct link) Hackers have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government. [...] APT 34
ZDNet.webp 2019-04-17 23:24:00 Source code of Iranian cyber-espionage tools leaked on Telegram (direct link) APT34 hacking tools and victim data leaked on a secretive Telegram channel since last month. APT 34
Kaspersky.webp 2019-04-12 14:58:05 North Korea's Hidden Cobra Strikes U.S. Targets with HOPLIGHT (direct link) The custom malware is a spy tool and can also disrupt processes at U.S. assets. Malware Tool APT 38
AlienVault.webp 2019-04-12 13:00:00 Things I hearted this week 12th April 2019 (direct link) Hello again to another weekly security roundup. This week, I have a slightly different spin on the roundup in that the net has been slightly widened to include broader technology topics from more than just this last week. However, all of the articles were written by ladies. With that, let’s dive straight in. A beginner's guide to test automation If you’re new to automated testing, you’re probably starting off with a lot of questions: How do I know which tests to automate? Why is automated testing useful for me and my team? How do I choose a tool or framework? The options for automated testing are wide open, and you may feel overwhelmed. If so, this is a great article on how to get started. A Beginner's Guide to Test Automation | Sticky Minds All roads lead to exploratory testing When I’m faced with something to test – be it a feature in a software application or a collection of features in a release, my general preference is weighted strongly towards exploratory testing. When someone who doesn’t know a great deal about testing wants me or my team to do testing for them, I would love to educate them on why exploratory testing could be a strong part of the test strategy. All roads lead to exploratory testing | Womentesters While on the topic of testing Testing Behaviours — Writing A Good Gherkin Script | Medium, Jo Mahadevan Single-page, server-side, static… say what? An emoji-filled learning journey about the trade-offs of different website architectures, complete with gifs, diagrams, and demo apps. If you’ve been hanging around the internet, trying to build websites and apps, you may have heard some words in conversation like static site or server-side rendered (SSR) or single-page app (SPA). But what do all of these words mean? How does each type of application architecture differ?
What are the tradeoffs of each approach and which one should you use when building your website? Single-Page, Server-Side, Static… say what? | Marie Chatfield If, like me you enjoyed this post by Marie, check out some of her other posts which are great. Quick plug to Protocol-andia: Welcome to the Networking Neighborhood. A whimsical introduction to how computers talk to each other, and what exactly your requests are up to. Strengthen your security posture: start with a cybersecurity framework The 2017 Equifax data breach is expected to break all previous records for data breach costs, with Larry Ponemon, chairman of the Ponemon Institute, estimating the final cost to be more than $600 million. Even non-enterprise-level organizations suffer severe consequences for data breaches. According to the National Cyber Security Alliance, mid-market companies pay more than $1 million in post-attack mitigation, and the average cost of a data breach to an SMB is $117,000 per incident. While estimates vary, approximately 60% of businesses who suffer a breach are forced to shut down business within 6 months. It is mor Guideline Prediction Equifax APT 39
SecurityAffairs.webp 2019-04-11 19:58:01 FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT (direct link) According to a joint report published by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North Korea-linked Lazarus APT group is using a new Trojan in attacks. According to a joint report issued by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North […] APT 38
no_ico.webp 2019-04-11 17:00:04 (Déjà vu) DHS And FBI Issue Advisory On North Korean HOPLIGHT Malware (direct link) It has been reported that the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. According to the MAR AR19-100A advisory published on the US-CERT website, the new Trojan was detected while tracking … Malware APT 38
Checkpoint.webp 2019-04-11 13:00:03 Protect Your Business by Managing Network Security from the Palm of Your Hand (direct link) by Russ Schafer, Head of Product Marketing, Security Platforms, published April 11th 2019 Next generation cyber security attacks can happen at any time to any size business, so you need to be prepared to react immediately. Based on the 2018 Verizon Data Breach report, 58% of security breach victims are categorized as small… Data Breach Prediction APT 39
itsecurityguru.webp 2019-04-11 12:28:03 New Hoplight malware marks re-emergence of Lazarus Group. (direct link) The Lazarus Group hacking operation, thought to be controlled by the North Korean government, has a new malware toy to pitch at potential targets and the US is getting worried about it. This according to a report from US-Cert, which say that the group (also known as “Hidden Cobra”) has a new piece of spyware […] Malware Medical APT 38
bleepingcomputer.webp 2019-04-10 14:06:04 DHS and FBI Issue Advisory on North Korean HOPLIGHT Malware (direct link) The U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. [...] Malware APT 38
ESET.webp 2019-04-09 09:30:05 OceanLotus: macOS malware update (direct link) Latest ESET research describes the inner workings of a recently found addition to OceanLotus's toolset for targeting Mac users Malware APT 32
WiredThreatLevel.webp 2019-04-05 15:08:01 Sea Levels Are Rising. Time to Build ... Floating Cities? (direct link) If climate change ends up coming for your home, you could move inland. Or you could decamp to tessellated platforms floating on the ocean. APT 32
SecurityAffairs.webp 2019-04-03 17:25:04 OceanLotus APT group leverages a steganography-based loader to deliver backdoors (direct link) The OceanLotus APT group, also known as APT32 or Cobalt Kitty, leverages a steganography-based loader to deliver backdoors on compromised systems. Security researchers at Cylance discovered that the OceanLotus APT (also known as APT32 or Cobalt Kitty) group is using a loader leveraging steganography to deliver a version of Denes backdoor and an updated version of […] APT 32
Kaspersky.webp 2019-04-03 14:44:02 OceanLotus APT Uses Steganography to Shroud Payloads (direct link) The OceanLotus APT is using two new loaders which use steganography to read their encrypted payloads. APT 32 ★★★★
Kaspersky.webp 2019-03-28 16:12:00 Lazarus Group Widens Tactics in Cryptocurrency Attacks (direct link) MacOS users, as well as Windows, are in the cross-hairs, especially those based in South Korea. APT 38
CSO.webp 2019-03-28 09:11:00 APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability (direct link) Elfin (aka APT33), a hacker group affiliated with the Iranian government, is described by Symantec as “one of the most active groups currently operating in the Middle East.” They have been linked with a string of attacks on U.S. and Saudi Arabian companies, particularly in the aerospace and energy sectors. Data Breach Vulnerability APT33 APT 33
Last update at: 2024-05-18 07:07:55