This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On November 23, 2018

Monday 11/19

Hacking group returns, switches attacks from ransomware to Trojan malware

Dubbed tRat by researchers, the malware is predominantly targeting financial institutions and is being distributed with the aim of grabbing credentials, financial data, and other information that would be useful to cyber criminal operations. Researchers also warn that it could have other capabilities that haven't been put into operation yet.

https://zd.net/2zijich

Major SMS security lapse is a reminder to use authenticator apps instead

A recent data breach has exposed a database of around 26 million text messages containing private customer information, reports TechCrunch. Beyond the privacy concerns, the breach also highlights the danger of relying on SMS messages to receive two-factor authentication codes or account reset links, since that sends sensitive information over an unencrypted communications platform.

http://bit.ly/2RYQ2OI

Agentless threat detection for Microsoft Azure workloads with Cisco Stealthwatch Cloud

Cisco Stealthwatch Cloud can now deliver behavioral security analytics, comprehensive visibility, and effective threat detection in Microsoft Azure environments in minutes.

http://bit.ly/2DKibGr

Why artificial intelligence is shaping our world

From suggesting what books we might like to buy online to powering the virtual assistants that inhabit our phones and smart speakers, some of the applications are more visible than others. In truth, AI is touching our lives far more than many of us realise.

https://bbc.in/2KjexDW

Tuesday 11/20

Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign

The phishing emails were made to look like secure communication from a Public Affairs official at the U.S. Department of State, hosted on a page made to look like another Department of State Public Affairs official's personal drive, and used a legitimate Department of State form as a decoy.

http://bit.ly/2KqhtPb

Hackers infect official Make-A-Wish site with cryptocurrency mining malware

Researchers found that one of the Make-A-Wish foundation’s websites – worldwish.org – was compromised with cryptocurrency malware known as CoinImp. The malware infects the website with a malicious script to steal visitors’ computing power to covertly mine cryptocurrency.

http://bit.ly/2OW8XIl

10 Lessons Learned From the Biggest Ransomware Attacks

Backups should be kept off the network and outside the reach of malware, not on external hard drives.

http://bit.ly/2QZK9Rd

Wednesday 11/23

Half a million Android users tricked into downloading malware from Google Play

Lukas Stefanko, a security researcher at ESET, tweeted details of 13 gaming apps — made by the same developer — which were at the time of his tweet downloadable from Google Play. Two of the apps were trending on the store, he said, giving the apps greater visibility. Combined, the apps surpassed 580,000 installs before Google pulled the plug.

https://tcrn.ch/2QbsCZn

Cisco Looks to Build DevOps Community

Susie Wee, senior vice president for the DevNet community at Cisco, said the goal is to provide network operations (NetOps) teams the skills required to programmatically expose a range of self-service capabilities to developers.

http://bit.ly/2OWqpMz

Winter Olympic Games hackers are back with an updated arsenal

A selection of new samples gathered by Check Point reveals how the group's macros, often embedded in malicious documents spread via phishing campaigns, have been refined and made more complex over time.

https://zd.net/2DPI5bH

Thursday 11/22

Happy Thanksgiving from Everyone at Gotham Technology Group.

Friday 11/23

Amazon exposed customer names and emails in a ‘technical error’

Despite the exposure, Amazon told the affected customers they did not need to change their passwords. But even with just their names and emails exposed, people could attempt to reset their accounts or target their emails for phishing attacks.

https://cnb.cx/2POQh29

Emotet malware runs on a dual infrastructure to avoid downtime and takedowns

This somewhat unorthodox infrastructure setup is rare among malware operations, but it's not surprising that Emotet is the one that's using it. The Emotet gang has constantly released new and intriguing modules, has rolled out competent antivirus evasion tricks, and has featured good coding, something rare on the malware scene, but something that suggests that experienced malware coders are involved.

https://zd.net/2r1NofV