APTs | SC Media

APTs

APT10

APT34 spread malware via LinkedIn invites

FireEye researchers identified a phishing campaign conducted by the cyberespionage group APT34, which masqueraded as a member of Cambridge University to gain victims’ trust and get them to open malicious documents. Researchers noticed the campaign in late June 2019 using LinkedIn professional network invitations to deliver the malicious documents that included the use of three new malware families…

Huawei responds to allegations of NSA hacking

Huawei products riddled with backdoors, zero days and critical vulnerabilities

Huawei’s problems keep piling up as a security firm specializing in IoT devices found numerous vulnerabilities across the company’s entire product line. Finite State said it scanned more than 1.5 million files embedded within nearly 10,000 firmware images supporting 558 products looking for risks including hard-coded backdoor credentials, unsafe use of cryptographic keys, indicators of…

Huawei responds to leaks detailing NSA hack of firm's networks

Backdoors found in Huawei-supplied Vodafone equipment

Huawei Technologies is facing yet another controversy, this time after security documents from Europe’s Vodafone noted that the Chinese firm supplied the carrier with hardware laden with security issues. Vodafone said it found backdoors in the software contained in Huawei home routers and optical service nodes. Such backdoors could allow Huawei to gain access to…

Microsoft researchers find NSA-style backdoor in Huawei laptops

The Microsoft Defender Advanced Threat Protection (ATP) service featured in Windows 10 version 1809 alerted researchers to an NSA-inspired backdoor vulnerability in Huawei laptops. The PCManager software included in some of Huawei’s Matebook systems allows unprivileged users to create processes with superuser privileges, according to a March 25 Microsoft security post. Upon investigation, researchers found a…

IoT devices attacked faster than ever, DDoS attacks up dramatically: Netscout

Cybercriminals upped their game in a big way in 2018, dramatically increasing the number and severity of DDoS attacks and refining their IoT attacks to entirely new levels. The main takeaway from Netscout’s Threat Report that looked at the second half of 2018 was that cybercriminals built and used cheaper, easier-to-deploy and more persistent malware…

Enigmatic cyber espionage campaign revives source code from old foe APT1

A newly discovered cyber espionage campaign targeting South Korea, the U.S. and Canada features malware that reuses old source code associated with the seemingly dormant or disbanded APT1 threat group. The findings raise the possibility that the reputed Chinese threat actor has resumed operations, especially because its source code was never released to the public, according to…

Clandestine ‘GreyEnergy’ APT group spawned from BlackEnergy, NotPetya actors

Researchers from ESET yesterday exposed a previously undisclosed threat group that descended from TeleBots, the APT group known for launching the BlackEnergy trojan and NotPetya attacks against Ukraine in recent years. Dubbed GreyEnergy, the actor is comparable to the BlackEnergy group (which later changed strategies and became known as TeleBots or Sandworm) in that it…
