Cyberespionage operations by governments with mature cyber capabilities persist regardless of geopolitical events. Espionage typically focuses on broader long-term strategic goals. Secureworks® Counter Threat Unit™ (CTU) researchers monitor Iranian cyber operations, including the potential for retaliation after a January 2, 2020 U.S. drone strike killed Islamic Revolutionary Guard Corps (IRGC) Quds Force General Qasem Soleimani.
The deadline for filing taxes in the United States is eight weeks away, but new research has shown that small businesses are already being hit by tax season–related cyber-attacks. Research conducted by Proofpoint indicates that attackers are “aggressively jumping into tax season,” with the deployment of two main attack strategies.  The first strategy is to send tax-themed emails
An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered. While anomaly detection and reporting are the primary functions, some intrusion detection systems are capable of taking actions when malicious activity or anomalous traffic is detected, including blocking traffic sent from suspicious Internet Protocol (IP) addresses.
by Paul Ducklin
If you’re a regular Naked Security reader, you’ll know that we’ve been fans of HTTPS for years. In fact, it’s nearly nine years since we published an open letter to Facebook urging the social networking giant to adopt HTTPS everywhere. HTTPS is short for HTTP-with-Security, and it means that your browser, which
During a 2018 incident response engagement, Secureworks® analysts discovered strong evidence of a Russia-based espionage group using ‘man-on-the-side’ techniques to install malware on targeted networks. The threat actors used the same techniques in other incidents as well. This type of attack can undermine the integrity of the Internet’s fundamental communications infrastructure. What is a man-on-the-side
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed “Fox Kitten,” the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and
British police have been investigating children as young as six over their involvement in sexting offenses.  Figures released by London’s Metropolitan Police Service reveal that between January 2017 and August 2019, a total of 353 children aged from six to thirteen were investigated in relation to sending and receiving sexual images.  Sexting investigations involving children under
Securing, managing and monitoring an enterprise IT infrastructure requires meticulous planning. Rather than create a framework from scratch, security leaders can adopt one of several publicly available methodologies to benefit their own infosec programs. One of the more high-profile examples of available frameworks is known as the zero-trust model. This model differs from other
The LYCEUM threat group targets organizations in sectors of strategic national importance, including oil and gas and possibly telecommunications. The activity observed by Secureworks® Counter Threat Unit™ (CTU) researchers focuses on obtaining and expanding access within a targeted network. CTU™ research indicates that LYCEUM may have been active as early as April 2018. Domain registrations
A popular WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs. The vulnerable plugin in question is ‘ThemeGrill Demo Importer’ that comes with free as well as premium themes sold by the
The alleged source of a series of information leaks that rocked soccer and sparked an FFP investigation into the finances of Manchester City Football Club is to be tried before a Portuguese court. An appeal lodged by Portuguese national Rui Pinto to have the accusations against him dismissed as “unfounded” was rejected earlier this month
Secureworks® Counter Threat Unit™ (CTU) researchers continually monitor the TrickBot botnet operated by the GOLD BLACKBURN threat group. A key feature of TrickBot is its ability to manipulate web sessions by intercepting network traffic before it is rendered by a victim’s browser. TrickBot has targeted hundreds of organizations, mostly financial institutions, since it began widespread
That’s for apps from third-party marketplaces; another 790,000 policy-breaking apps were stopped from reaching Google Play
Strengthened app safety policies, a better developer approval process, and enhancements to its machine learning detection system made the Google Play Store an even more secure place last year, according to Google’s 2019-in-review blog post this week. “Last year,
| Indicator | Type | Context |
| --- | --- | --- |
| mlibo.ml | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| blibo.ga | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| azll.cf | Domain name | Hosting phishing website used by COBALT DICKENS for August/July 2019 operations |
| azlll.cf | Domain name | Hosting phishing website used by COBALT DICKENS |