[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
Obviously, the big news is suspected hack of the OPM
So onto the news:
Access to the kit and building the malware is free, but the client is the one responsible of distribution, and 30% of the profit would go to the author of Tox.
Access to the kit and building the malware is free, but the client is the one responsible of distribution, and 30% of the profit would go to the author of Tox.
On Wednesday, the creator of the ransomware-as-a-service platform decided to get out of the game, although it is claimed that in one week the platform recorded 1,000 users and more than 1,000 infections.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7d0c15d8e0&e=20056c7556
A new resume-themed malicious email campaign spotted by security researchers aims at delivering version 3.0 of CryptoWall ransomware, recording success against some antivirus solutions.
For this campaign, the threat actor sends the message making it look like it is a reply to a previous email sent by the victim. Attached to it is a ZIP archive containing an HTML document
The file redirects to a compromised WordPress website containing an iFrame with a redirect to a Google Drive cloud storage account serving the a malware downloader, which poses as a PDF but is in fact an executable file (SCR) associated with screensavers.
The infection chain is pretty intricate for a campaign of this kind and relies on multiple layers of obfuscation that are likely to fool multiple antivirus solutions.
Nick Biasini from Cisco’s TALOS security intelligence and research group analyzed the infection chain and said that a large number of the recipients were tricked and attempted to download the malware downloader from the compromised WordPress website.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6f063a5707&e=20056c7556
OPM HACKERS SKIRTED CUTTING-EDGE INTRUSION DETECTION SYSTEM, OFFICIAL SAYS
…tool, called EINSTEIN 3, would not have been able to catch a threat that has no known footprints, according to multiple industry experts.
The malicious software used to compromise an Office of Personnel Management system in December reportedly had never been seen before and carried no indicators of compromise, or “signatures.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=054573e2f7&e=20056c7556
Hackers Steal Trading Algorithms
The security vendor Kroll reports that it has recently investigated three incidents involving hackers stealing such algorithms. “In two of the cases we were able to find the bad guy and stop him before he could share it on the Web,” Ernest Hilbert, Kroll’s head of cyber investigations for Europe, the Middle East and Africa, tells the Financial Times.
This isn’t the first time that warnings have been sounded over the theft of funds’ secret trading algorithms. On Feb. 24, Chinese national Kang Gao pleaded guilty to stealing documents from his former employer, the Manhattan-based international hedge fund firm Two Sigma. According to court documents, Gao’s employment contract prohibited him from attempting to access the quantitative trading strategies, trading models and related scientific and marketing materials that he admitted e-mailing to himself. He’s due to be sentenced in April.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=45222180fb&e=20056c7556
Situational Awareness: Elusive Key Ingredient of Worthwhile Cyber Threat Intelligence
Yet across the business world today, few organizations or their cybersecurity teams practice simple, diligent cyber situational awareness from top to bottom, despite dynamic and continuous cyber crime that threatens the livelihood of their enterprises.
Analyzing the data from my own efforts implementing these kinds of approaches over just the last two years, here are 4 observations:
1. “Somebody Else’s Problem Field”, or SEP
2. Tunnel-Vision, Stove-Pipe, Navel-Gazing, Horse-Blinders Addiction Syndrome
3. A Case of Mistaken Identity
4. Situational awareness is not a “need to have,” it’s a “nice to have”
Without a solid base in knowing who you are as a target and what’s going on around you at all times, everything else you do is essentially a half-measure. As with the military where life, limb and victory are always on the line, situational awareness isn’t a “need to have, “ it’s an “absolute must have.”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0a0b2e2a5e&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage2.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=66b28064ed)
** Update subscription preferences (http://paulgdavis.us3.list-manage1.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)