0 Comments
Summary In 2017, Secureworks® Counter Threat Unit™ (CTU) researchers continued to track GOLD SKYLINE, a financially motivated Nigerian threat group involved in business email compromise (BEC) and business email spoofing (BES) fraud. During the investigation, CTU™ researchers discovered a previously unidentified BEC group that they have named GOLD GALLEON. Unlike other BEC groups, GOLD GALLEON
0 Comments
Dalton and Flowsynth help create and test packet captures Thursday, November 16, 2017 By: Counter Threat Unit Research Team When crafting intrusion detection system (IDS) and intrusion prevention system (IPS) rules for engines such as Suricata and Snort, it is imperative that the rules behave and perform as expected. Validation requires testing, but capturing the
0 Comments
In December 2017, Secureworks® incident response (IR) analysts responded to multiple incidents where threat actors compromised vulnerable Internet-facing Oracle WebLogic servers on Linux and Windows systems to deploy cryptocurrency software. The unauthorized activity significantly impacted the performance of business-critical and client-facing applications. The continued inquiries about this activity in January 2018 suggest that many organizations
0 Comments
Threat actors continue to use opportunistic attacks to compromise networks and deploy SamSam ransomware to collect money from various types of organizations. Thursday, February 15, 2018 By: Counter Threat Unit Research Team On February 15, 2018, Secureworks® Counter Threat Unit™ (CTU) researchers published details about the tools and techniques used in a series of high-profile
0 Comments
By: Ruby, Digital Media Specialist It’s often assumed that interns are usually college undergraduates with a temporary assignment. I’m an exception to the rule in both respects. I started as a McAfee intern while I was a part-time graduate MBA student at Santa Clara University. Through my internship, I secured a full-time position on McAfee’s
0 Comments
It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in
0 Comments
Yet another bluetooth hacking technique has been uncovered. A highly critical cryptographic vulnerability has been found affecting some Bluetooth implementations that could allow an unauthenticated, remote attacker in physical proximity of targeted devices to intercept, monitor or manipulate the traffic they exchange. The Bluetooth hacking vulnerability, tracked as CVE-2018-5383, affects firmware or operating system software
0 Comments
The Apache Software Foundation (ASF) has released security updates to address several vulnerabilities in its Tomcat application server, one of which could allow a remote attacker to obtain sensitive information. Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications like Java Servlet, JavaServer Pages (JSP), Expression Language,
0 Comments
Security researchers have uncovered a “highly targeted” mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control
0 Comments
India-linked highly targeted mobile malware campaign, first unveiled two weeks ago, has been found to be part of a broader campaign targeting multiple platforms, including windows devices and possibly Android as well. As reported in our previous article, earlier this month researchers at Talos threat intelligence unit discovered a group of Indian hackers abusing mobile
0 Comments
At Google Cloud Next ’18 convention in San Francisco, the company has introducedTitan Security Keys—a tiny USB device, similar to Yubico’s YubiKey, that offers hardware-based two-factor authentication for your online accounts with the highest level of protection against phishing attacks. These hardware-based security keys are thought to be more efficient at preventing phishing, man-in-the-middle (MITM)
0 Comments
Following Apple’s lead in banning cryptocurrency mining apps, Google has also updated its Play Store policy this week to ban apps that mine cryptocurrencies on users’ devices in the background. However, there are countless cryptocurrency mining apps, including MinerGate, AA Miner, NeoNeonMiner, and Crypto Miner, still available on the Play Store. Cryptocurrency mining is not