News – August 2018


  • Researchers Developed Artificial Intelligence-Powered Stealthy Malware

    August 9, 2018

    Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network ...

  • A First Look at the North Korean Malware Family Tree

    August 9, 2018

    Security researchers have analyzed malware samples from threat actors associated with North Korea and discovered connections with tools from older unattributed campaigns. The research is spread over several months and connects a diverse range of operations from cyberespionage to financially-motivated campaigns. The campaigns analyzed by the researchers and a timeline of their release can be shown below. Read more: Source: ...

  • New Actor DarkHydrus Targets Middle East with Open-Source Phishing

    August 9, 2018

    DarkHydrus uses the open-source Phishery tool to create two of the known Word documents used in the attacks. Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source ...

  • Health Care Data of 2 Million People in Mexico Exposed Online

    August 7, 2018

    A MongoDB database was exposed online that contained health care information for 2 million patients in Mexico. This data included information such as the person’s full name, gender, date of birth, insurance information, disability status, and home address. The database was discovered by security researcher Bob Diachenko via Shodan, which is a search engine for all Internet connected devices and not just web ...

  • Ramnit Changes Shape with Widespread Black Botnet

    August 6, 2018

    A massive proxy botnet is just the tip of the iceberg, a warning sign of a bigger operation in the works by the Ramnit operators. The recently uncovered “Black” botnet campaign using the Ramnit malware racked up 100,000 infections in the two months through July– but the offensive could just be a precursor to a much ...

  • Can you recover the power grid after a cyberattack? The Department of Energy finds out

    August 6, 2018

    The US Department of Energy (DoE) is planning a “hands-on” test of the real-world consequences associated with successful cyberattacks against core country services. Cyberattacks levied against critical infrastructure, smart grids, and utilities are not a future possibility; but rather, they are happening now. Ukraine’s power grid blackout in 2016 was one of the first real indicators that ...

  • U.S. Payment Processing Services Targeted by BGP Hijacking Attacks

    August 6, 2018

    According to a new report, three United States payment processing companies were targeted by BGP hijacking attacks on their DNS servers. These Internet routing attacks were designed to redirect traffic directed at the payment processors to servers controlled by malicious actors who would then attempt to steal the data. On three separate dates in July, Oracle ...

  • Computer Virus Cripples IPhone Chipmaker TSMC Plants

    August 4, 2018

    A computer virus halted several Taiwan Semiconductor Manufacturing Co.factories Friday night, dealing the company one of its most severe disruptions as it ramps up chipmaking for Apple Inc.’s next iPhones. The sole maker of the iPhone’s main processor said a number of its fabrication tools had been infected, and while it had contained the problem and resumed some ...

  • Google Project Zero: ‘Here’s the secret to flagging up bugs before hackers find them’

    August 3, 2018

    Samsung’s utterly confusing vulnerability reporting website has prompted one of Google’s top security researchers to explain how companies should help researchers report bugs and eliminate hackable flaws in products quickly. Google’s Project Zero bug hunter, Natalie Silvanovich, who Microsoft has recognized as a top 10 researcher in the world, has a few tips for vendors of all types ...

  • FBI struggles to retain top cyber talent

    August 3, 2018

    The recent departures of four top FBI cyber officials reflect a troubling trend: The bureau is losing its most seasoned agents and supervisors tasked with disrupting digital threats from Russia and elsewhere, even as threats to the nation’s power grid and elections grow. Close to 20 top FBI cybersecurity leaders have left for high-paying corporate jobs over the ...

  • Salesforce.com Warns Marketing Customers of Data Leakage SNAFU

    August 3, 2018

    Potentially impacted customers include organizations like Aldo, Dunkin Donuts, GE, HauteLook, Nestle Waters, News Corp Australia and Sony. Cloud behemoth Salesforce.com is warning customers about an API error that may have leaked data for some users of its Marketing Cloud offering. The issue was in play between June 4 to July 18, according to an alert that ...

  • How US Military Hackers Prepared to Hack the Islamic State

    August 1, 2018

    In 2016, US Cyber Command (CYBERCOM), a part of the military tasked with conducting offensive cyber operations, hacked internet infrastructure used by the so-called Islamic State. Now, redacted versions of formerly Top Secret and other classified documents obtained by Motherboard lay out the contours of how CYBERCOM planned that operation, taking into account political fallout, ...

  • DOJ Nab Three FIN7 Cybercrime Suspects in Europe

    August 1, 2018

    Three people believed to be member of the FIN7 (or Carbanak) hacking group have been arrested in Europe, according to the US DOJ. Three suspected members of the FIN7 cybercrime group have been arrested in Europe and accused of hacking more than 120 U.S.-based companies with the intent of stealing bank cards. In total, U.S. Department of ...