Thrip: Espionage group targeting the satellite, telecommunications, and defense industries

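Symantec's artificial intelligence-based Targeted Attack Analytics (TAA) has uncovered a wide-ranging new espionage operation. One of the most significant recent changes in cyber espionage is that many groups have adopted "living off the land" tactics. "Living off the land" is Symantec's term for using operating system features or legitimate network administration tools to compromise victims' networks. The aim is twofold. First, by using existing features and tools, attackers try to blend into the victim's network and hide their activity among countless legitimate processes. Second, even if malicious activity involving these tools is discovered, it can make the source of the attack harder to identify. Source: Symantec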

Latest Intelligence for February 2018

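The Chafer attack group remained highly active, and the global spam rate fell, while the email malware rate turned slightly upward. February's Latest Intelligence has been published. Here is a summary of its contents, along with an overview of the threat landscape. In February, the Chafer attack group was actively targeting organizations in the Middle East. The email malware rate remained low, while mobile malware emerged that attempts to log in to Facebook accounts and steal account information.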

Latest Intelligence for October 2017

Symantec research shows users to be twice as likely to encounter threats through email as any other infection vector, and the spam rate declines slightly for the second month in a row. Some of the key takeaways from October’s Latest Intelligence, and the threat landscape in general,…

Sowbug: Cyber espionage group targets South American and Southeast Asian governments

Group uses custom Felismus malware and has a particular interest in South American foreign policy. Symantec has identified a previously unknown group called Sowbug that has been conducting highly targeted cyber attacks against organizations in South America and Southeast Asia and appears to be heavily focused on…

Ramnit worm: Still turning up in unlikely places

Over 90 Ramnit-infected apps removed from Google Play. Contributors: Shaun Aimoto, Martin Zhang. Nope, Ramnit worm not ported to #Android. It’s an infected HTML file that drops Ramnit on Win PCs.

BadRabbit: New strain of ransomware hits Russia and Ukraine

BadRabbit is self-propagating and has many similarities to the June 2017 Petya / NotPetya outbreak. A new strain of ransomware called BadRabbit (Ransom.BadRabbit) began spreading yesterday, October 24, 2017, with the vast majority of infection attempts seen in Russia. BadRabbit ransomware uses at least…

Android malware on Google Play adds devices to botnet

Symantec has found eight apps infected with the Sockbot malware on Google Play that can add compromised devices to a botnet and potentially perform DDoS attacks. Contributor: Martin Zhang. Not all #Android #Minecraft PE skin apps are made equal. Some are malware in disguise….

Necurs attackers now want to see your desktop

The Necurs botnet is back again, this time spreading a downloader that takes screen grabs of victims’ desktops and reports encountered errors back to the attackers. Contributors: Eduardo Altares, Wei Wang Dai, and Mingwei Zhang. Attackers need operational intelligence too. #Necurs downloader now also…

Microsoft Patch Tuesday – October 2017

This month the vendor has patched 62 vulnerabilities, 27 of which are rated Critical. Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor has patched 62 vulnerabilities, 27 of which are rated Critical. As always, customers are advised to follow these…
