76 matches found
Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks
LAS VEGAS: Mike Murray, vice president of security intelligence at Lookout, talks with Threatpost’s Tom Spring to discuss the latest trends in mobile advanced persistence threats APTs. He said mobile is redefining traditional inbox phishing. On smartphones, phishing includes dangerous links insid...
Beers with Talos EP 28 - APT, BGP, RCEs, and an Old RAT
Beers with Talos BWT Podcast Episode 28 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP28 Show Notes: Recorded April 27 - We have a special guest intro this week, since Mitch came down wit...
Google Play Boots Three Malicious Apps From Marketplace Tied to APTs
Two advanced persistent threat groups managed to sneak apps onto the Google Play marketplace earlier this year. Both were designed to conduct surveillance on targets located in the Middle East region, according to Lookout security researchers. One of the groups, identified as APT-C-23 also known ...
Happy IR in the New Year!
At the end of last year Mr. Jake Williams from aka @MalwareJake asked a very important question about Lack of visibility during detecting APT intrusions in twitter. Results show us that endpoint analysis is the most important part of any research connected with APTs. Also, for sure endpoint...
Ransomware, Cyberespionage Dominate Verizon DBIR
Ransomware dominated malware-related data breaches investigated by Verizon last year, appearing in 71 percent of cases, according to the annual Verizon Data Breach Investigations Report DBIR released Thursday. Compared to last year’s DBIR report, ransomware attacks are up 50 percent. Still, Veriz...
Vermont Grid 'Hack' Latest Tumble Down Attribution Rabbit Hole
A Vermont utility was for a brief moment last week at the center of a geopolitical scandal in which the Russian government was implicated in an attack against a U.S. electric grid. As it turns out, a laptop at Burlington Electric Department was infected with the Neutrino Exploit Kit. There was no...
IBM Opens Attack Simulation Test Center
CAMBRIDGE, Ma. – IBM cut the ribbon on its new global security headquarters Wednesday that will also serve as command center for its just announced X-Force Incident Response and Intelligence Services. The centerpiece of the new 153,000-sqft facility is the company’s Cyber Range which IBM bills as...
Juan Andres Guerrero-Saade and Brian Bartholomew on APT False Flags and Attribution
Mike Mimoso talks to Kaspersky Lab Global Research and Analysis Team researchers Juan Andres Guerrero-Saade and Brian Bartholomew about a paper released at Virus Bulletin on deception tactics and false flags flown by APT groups to frustrate analysis. Download their paper presented at Virus...
Recapping SAS 2016: IoT Hacks, Metel, Poseidon, and More
Mike Mimoso and Chris Brook recap last week’s Security Analyst Summit — including lots of IoT and critical infrastructure talk, how a researcher hacked his hospital, news on APTs like Metel and Poseidon, and more. Download: ReflectingonSAS2016.mp3 Music by Chris Gonsalves...
Martijn Grooten on the Anti-Virus Industry, This Year's Virus Bulletin Conference, and More
Virus Bulletin’s Martijn Grooten joins Ryan Naraine on the podcast to talk about the changing face of the anti-virus industry, the emergence of APTs as a priority for anti-malware researchers and the highlights of the 25th annual VB Conference. Download: martijngrooten10915.mp3 Music by Chris...
11 China APTs Linked by Central Arms Dealer Infrastructure
As targeted Chinese espionage campaigns are disclosed, it’s easy to get caught up in the immediate impact and details with regard to the compromised site or malware samples involved. It’s also simple to discount them as separate endeavors, one-off projects targeting the secrets held so precious b...
Anup Ghosh on Cyberespionage, Attribution and APTs
Dennis Fisher talks with Anup Ghosh of Invincea about the recent wave of companies admitting to being hacked by APT groups, the difference between cyberespionage and cyberwar, what the government can do to encourage more intelligence sharing and whether compromised companies are spending enough...
Firms Need 'Tough Love' In Struggle Against APTs
Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating...
Greg Hoglund
In his presentation on Friday, “Lateral Movement and Other APT Interaction Patterns within the Enterprise,” HBGary CEO Greg Hoglund reviewed a multitude of modern day Advanced Persistent Threats APTs while breaking down the four stages of an attack...
ExploitHub Offering Bounties – And Residuals – for Exploits
NSS Labs’ announced today that their penetration-testing site, Exploithub, will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities. Exploithub is putting up $4,400 for working exploits against what the company describes as a “dirty dozen” of client-side...
Financial Services Industry Report Urges Rethink on Malware
BITS, a financial services industry trade group has published a guide to malicious software and cyber crime that finds many industry attempts to fight the problem haven’t worked. The report calls on financial services firms to cooperate more in fighting malware. The Malware Risks and Mitigation...