This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On November 23, 2018

Monday 11/19

Hacking group returns, switches attacks from ransomware to Trojan malware

Dubbed tRat by researchers, the malware is predominantly targeting financial institutions and is being distributed with the aim of grabbing credentials, financial data, and other information that would be useful to cyber criminal operations. Researchers also warn that it could have other capabilities that haven't been put into operation yet.

Major SMS security lapse is a reminder to use authenticator apps instead

A recent data breach has exposed a database of around 26 million text messages containing private customer information, reports TechCrunch. In addition to the privacy concerns, the breach also highlights the dangers of relying on SMS messages for receiving two-factor authentication codes or account reset links, which sees sensitive information sent over an unencrypted communications platform.

Agentless threat detection for Microsoft Azure workloads with Cisco Stealthwatch Cloud

Cisco Stealthwatch Cloud can now deliver behavioral security analytics, comprehensive visibility, and effective threat detection in Microsoft Azure environments in minutes.

Why artificial intelligence is shaping our world

From suggesting what books we might like to buy online to powering the virtual assistants that inhabit our phones and smart speakers, some of the applications are more visible than others. In truth, AI is touching our lives far more than many of us realise.

Tuesday 11/20

Not So Cozy: An Uncomfortable Examination of a suspected APT29 Phishing Campaign

The phishing emails were made to look like secure communication from a Public Affairs official at the U.S. Department of State, hosted on a page made to look like another Department of State Public Affairs official's personal drive, and used a legitimate Department of State form as a decoy.

Hackers infect official Make-A-Wish site with cryptocurrency mining malware

Researchers found that one of the Make-A-Wish foundation’s websites – – was compromised with cryptocurrency malware known as CoinImp. The malware infects the website with a malicious script to steal visitors’ computing power to covertly mine cryptocurrency.

10 Lessons Learned From the Biggest Ransomware Attacks

Backups should be kept off the network and outside the reach of malware, not on external hard drives.

Wednesday 11/23

Half a million Android users tricked into downloading malware from Google Play

Lukas Stefanko, a security researcher at ESET, tweeted details of 13 gaming apps — made by the same developer — which were at the time of his tweet downloadable from Google Play. Two of the apps were trending on the store, he said, giving the apps greater visibility. Combined, the apps surpassed 580,000 installs before Google pulled the plug.

Cisco Looks to Build DevOps Community

Susie Wee, senior vice president for the DevNet community at Cisco, said the goal is to provide network operations (NetOps) teams the skills required to programmatically expose a range of self-service capabilities to developers.

Winter Olympic Games hackers are back with an updated arsenal

A selection of new samples gathered by Check Point have revealed the refinement of macros, often embedded in malicious documents spread via phishing campaigns, which have been made more complex over time.

Thursday 11/22

Happy Thanksgiving from Everyone at Gotham Technology Group.

Friday 11/23

Amazon exposed customer names and emails in a ‘technical error’

Despite the exposure, Amazon told the affected customers they did not need to change their passwords. But even with just their names and emails exposed, people could attempt to reset their accounts or target their emails for phishing attacks.

Emotet malware runs on a dual infrastructure to avoid downtime and takedowns

This somewhat unorthodox infrastructure setup is rare among malware operations, but it's not surprising that Emotet is the one that's using it. The Emotet gang has constantly released new and intriguing modules, has rolled out competent antivirus evasion tricks, and has featured good coding, something rare on the malware scene, but something that suggests that experienced malware coders are involved.