TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

According to reporting of trusted third parties, HIDDEN COBRA actors have likely been using both Joanap and Brambul malware since at least 2009 to target multiple victims globally and in the United States—including the media, aerospace, financial, and critical infrastructure sectors. Users and administrators should review the information related to Joanap and Brambul from the Operation Blockbuster Destructive Malware Report [1] in conjunction with the IP addresses listed in the .csv and .stix files provided within this alert. Like many of the families of malware used by HIDDEN COBRA actors, Joanap, Brambul, and other previously reported custom malware tools may be found on compromised network nodes. Each malware tool has different purposes and functionalities.

Will the Real Joker’s Stash Come Forward?

For as long as scam artists have been around so too have opportunistic thieves who specialize in ripping off other scam artists. This is the story about a group of Pakistani Web site designers who apparently have made an impressive living impersonating some of the most popular and well known “carding” markets, or online stores that sell stolen credit cards.

Report: Many Companies Taking Status Quo Approach to Cyber Security at Their Own Peril

At the recent RSA Conference in San Francisco, attendees heard a lot of recognition that the cyber security landscape is in flux. A new generation of technologies that generate unprecedented amounts of data has changed the playing field, as has the rise of artificial intelligence. This has resulted not just in more things to secure and more insight to work with; it also has led to an adversary that’s better equipped, more sophisticated and with more assets to access.

Tips From Gil Owens on How To Pass the CISSP CAT Exam on the First Attempt

InfoSec Institute alum Gil Owens is a Cyber Systems Engineer at Peraton. Gil, a military-trained counterterrorism analyst, transitioned into a defense contractor role six years ago where he focuses on cyber defense and threat management. He’s earned his Network+, Security+, CEH, CCNA and CISSP certifications, and is preparing to take his CASP with InfoSec Institute this month.

Badge Bling And More At LayerOne 2018

The security conference LayerOne 2018 took place this past weekend in Pasadena, California. A schedule conflict meant most of our crew was at Hackaday Belgrade but I went to LayerOne to check it out as a first-time attendee. It was a weekend full of deciphering an enigmatic badge, hands-on learning about physical security, admiring impressive demos, and building a crappy robot.

Google Bug Bounty Program Awards Teen $36,000

Cyber-crime is one oft-repeated threat, which apparently doesn’t seem to be slowing down. However, the only defence to this threat is security vigilance and awareness. A quick way to test the corresponding security measures is by incorporating bug bounty programs, which have been on the maps of several companies for a long time now. Although not all bug bounty programs provide remuneration, others can go as high as $36,000, like Google, which recently awarded an Uruguayan teenager for exposing a security flaw.

Security Researchers Discover Multiple Epic Vulnerabilities in EOS Blockchain

Chinese internet and cyber security research firm 360 reported a series of high risk vulnerabilities in the EOS blockchain platform a couple of hours ago. According to China’s version of Twitter, Weibo, some of these vulnerabilities can remotely execute arbitrary code on the EOS node, meaning that remote attacks can directly control and take over all nodes running on EOS.

FBI Recommends Router Reboots to Limit VPNFilter Malware Risk

At one time or another, most IT users have been told that a possible solution to get technology working again is to simply reboot or power-cycle (unplug-replug) a given device. That’s the same advice the FBI issued on May 25 to help organizations and individuals defend against a malware attack known as VPNFilter.

How Companies Should Prepare For GDPR

The EU General Data Protection Regulation (GDPR) is an important topic, and one I’ve been working with since the beginning of 2016. In 2016, the GDPR (which will become effective on 25 May 2018) was adopted to replace the Directive 95/46/EC to implement a legally binding regulation that will be considered the EU data protection law.

Mind The ‘Cyber Risk’ Gap

As the number of digital transactions dramatically increases, so does the risk and likelihood of cyber-attack. This means that organisations handling large amounts of sensitive data are more likely to become targets of hackers who are looking to exploit this information which is stored within corporate networks. As a result, businesses find themselves increasingly exposed to what is referred to as a ‘Cyber Risk Gap’ caused by a combination of factors which I have outlined below.

The Supreme Court Is Stubbornly Analog — By Design

The Supreme Court is an openly — even proudly — technophobic institution. Cameras are forbidden, which means there are no images or videos from high-profile cases, and briefs and other legal filings only recently became available at the court’s website. Chief Justice John Roberts argued in 2014 that these Luddite tendencies are just part of the legal system: “The courts will always be prudent whenever it comes to embracing the ‘next big thing.’” The justices — who communicate mostly on paper, rather than via email — can sometimes seem as analog as the institution they serve. There was the moment when in a 2014 case about cell phone privacy, Justice Samuel Alito asked what would happen if a suspect were carrying personal information on a “compact disc.” That same year, Justice Stephen Breyer was ribbed for spinning out an extended hypothetical about a “phonograph record store.”

IDG Contributor Network: Cybersecurity outlook: data protection takes center stage

The Gartner Security & Risk Management Summit 2018 is coming up. Based on last year’s data breaches and how cyber security incidents have escalated in 2018, I would place a big bet that the talk coming out of the summit will be very heavy on the topic of data protection. Here’s why I think we’ll be talking data protection during and after the conference and what it could mean for your business.

BrandPost: Security Services Bridge Gaps Caused by Fragmented Network Environments

Nearly everyone can agree that the security challenges enterprises face today require out-of-the-box thinking. Our Quarterly Threat Landscape reports show today’s threats are designed to target multiple attack vectors, expose vulnerabilities, select a compromise from an updatable toolkit of exploits, burrow deep into the network, and then hide their tracks. From there they can move laterally across the environment looking for data to exploit or resources to hijack – all while evading detection.