With most of the world still anxious about COVID-19 and demand for vaccines high, new McAfee research sheds light on how hackers are targeting these fears with bogus apps, text messages, and social media invitations.
As a former Marine with expertise in counterintelligence, Human Intelligence (HUMINT) and Technical Surveillance Counter-Measures (TSCM), Jason Passwaters leveraged his international war fighting experience and built uniquely qualified teams at iSIGHT Partners, and then in co-founding Intel 471. His military service taught him to emphasize three areas that can make threat intelligence more targeted and actionable for organizations.
Lookout, Inc. announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The Lookout Threat Intelligence team believes these campaigns are connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well as file and directory listings. The surveillanceware targets personnel linked to Pakistan’s military and nuclear authorities and Indian election officials in Kashmir.
NCC Group and Fox-IT have been tracking a threat group - Chimera - with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry.
According to Digital Shadows’ Photon Research Team in Q4 2020, six groups made up 84% of alerts —Maze, Egregor, Conti, Sodinokibi, DoppelPaymer, and NetWalker— from the ransomware data leak sites Digital Shadows monitors.
Symantec's Threat Hunter Team, a group of security experts, have uncovered an additional piece of malware used in the SolarWinds attacks which was used against a select number of victims that were of interest to the attackers.
According to Symantec, the malware, Raindrop is a loader which delivers a payload of Cobalt Strike. Raindrop is very similar to the already documented Teardrop tool, but there are some key differences between the two.
Building a cyber-resilient enterprise informed by threat intelligence is not an easy task. Risks and requirements are often as unique and diverse as organizations themselves. Determining factors like industry, size, and market contribute to one simple truth: a one-size-fits-all approach to incorporating threat intelligence does not exist. Some invariants, however, do remain; successful threat intelligence programs must staff the right people in the right positions. Below, I’ll introduce four core threat intelligence focuses to consider as businesses plan and allocate budgets for 2021:
Analyst1, provider of a threat intelligence platform (TIP), added recognized cybersecurity industry veteran, Jon DiMaggio, to its executive team. As chief security strategist, DiMaggio will be responsible for driving security research and strategy for the next generation threat intel company.
Sr. Advisor Felker brings additional maritime cybersecurity partnership expertise to information sharing and analysis center
November 12, 2020
John Felker, former Assistant Director, Cybersecurity and Infrastructure Security Agency brings significant public-private sector relationship building expertise to the Maritime Transportation System Information Sharing and Analysis Center’s (MTS-ISAC) nonprofit, community focused mission.
Proactive cybersecurity programs include comprehensive activities that involve not only the IT and security teams, but also the CEO and boards of directors. Examples of key proactive activities include identifying risk tolerance, defining governance structures, and developing comprehensive security strategies. Throughout this article, we will review key domains where organizations can proactively fortify their cybersecurity measures. COVID-19 has increased threat activity and created unique changes — and increased risk — in IT environments. Now is the time to review some “quick hit” areas where you can bolster your cybersecurity and execute your winning strategy.