By using search engines dedicated to scanning all open ports, or scanning the ports themselves, hackers can remotely take control of critical private and public U.S. infrastructure run largely by industrial control systems (ICS) that weren’t built with security in mind. American water and energy providers are particularly vulnerable to cyberattack because their legacy ICSs…
Threat analysts hit the cyber intel mother lode after uncovering a 40GB data leak that included training videos shedding light on the activities of an Iranian advanced persistent threat group. In a company blog post this week, IBM X-Force Incident Response Intelligence Services (IRIS) said that the leaked assets were the result of an OPSEC error on…
Warnings by officials in the U.S., U.K. and Canada that Russia’s Cozy Bear, APT29, is actively trying to steal Covid-19 vaccine research by hacking vaccine trials and dropping WellMess and WellMail malware proves at least two things: Russia military intelligence is still going hard against U.S. targets, and the health care industry, particularly during the…
The recent U.K. ban on the use of Huawei technology in its 5G wireless network is likely as much about salvaging the deteriorating U.S.-U.K. Sino relationship and restoring trade normalcy as it is about security. “There are clearly legitimate security concerns around Huawei, particularly given that as a result of the trade ban, equipment will…
Despite past assertions that he believed Russian President Vladimir Putin over his own intelligence community that Russia does not tamper with the U.S. electoral process, President Donald Trump last week admitted in an interview with a Washington Post columnist that he approved a 2018 retaliation to take out Russia’s Internet Research Agency (IRA) for precisely…
President Trump has commuted the sentence of long-time confidante Roger Stone who was to report to prison on July 14 to serve 40 months after being found guilty of seven counts, including obstruction, witness tampering and lying to Congress. During Stone’s trial, which stemmed from Special Counsel Robert Mueller’s probe into Russia’s interference in the…
A new blog post and research report from the Lookout Threat Intelligence Team has exposed the lengths to which a reputed Chinese government-sponsored APT operation has allegedly gone to track the country’s Uyghur minority population, including the trojanization of mobile apps with surveillanceware. Lookout details four spyware families — SilkBean, DoubleAgent, CarbonSteal and GoldenEagle —…
The actors behind a campaign to spread GoldenSpy malware via tax accounting software used by customers of a Chinese bank have recently attempted to distribute an uninstaller that deletes the backdoor in an apparent attempt to cover up their illicit activities. In a previous company blog post and threat report, Trustwave and its SpiderLabs team identified the accounting software…
StrongPity, aka Promethium, a potentially state-sponsored APT group active since 2012, isn’t letting exposed campaigns in recent years stop it from trying to install malware around the world, particularly in warzones such as Syria. Two separate reports this week from Cisco Talos and Bitdefender suggest the attackers are getting more aggressive in their geo-targeted malicious…
A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a backdoor granting attackers SYSTEM-level privileges, researchers warn. In a company blog post and more detailed threat report, Trustwave and its SpiderLabs team identified the accounting software as Intelligent Tax, which was reportedly developed by the…
