McAfee Report december 2017 Welcome to the McAfee Labs Threats Report. In this edition, we highlight the statistics gathered by McAfee Labs in Q3 of 2017.
IBM Threat research: What you need to know about injection attacks - November 2017 Very little in life grabs our attention like a shiny new object. The gleam can be irresistible, the glitter mesmerizing. That’s how it is in cybersecurity, where the landscape is almost always dotted with alluringly novel hazards.
IBM At risk: the energy and utilities sector infrastructure - September 2017 Governments and energy and utility organizations worldwide are focusing increasingly on cyber security, and with good reason.1 Attacks on critical infrastructure like fuel, electricity and drinking water supply
McAfee Report september 2017 With McAfee’s spin-off from Intel completed, our focus has turned to growing the business. Our commitment to the strategy articulated more than two years ago remains unchanged.
IBM Security trends in the information and communication technology industry - July 2017 The information and communication technology (ICT) industry has evolved greatly over the last several decades. The increasingly interconnected nature of ICT devices and systems, along with modern society’s dependence on the technologiesand services this sector provides
CISCO Cisco Midyear Cybersecurity Report 2017 For nearly a decade, Cisco has published comprehensive cybersecurity reports that are designed to keep security teams and the businesses they support apprised of cyber threats and vulnerabilities—and informed about steps they can take to improve security and cyber-resiliency.
IBM Security trends in the manufacturing industry - June 2017 The good news? In 2016, the manufacturing sector clients monitored by IBM® Security Services experienced fewer attacks than our clients across all industries. The bad news?
CERT alerts Analysis of ExPetr malware Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak – you can read our findings here:Schroedinger’s Pet(ya) and ExPetr is a wiper, not ransomware.
Regulations CYBER EUROPE 2016: AFTER ACTION REPORT (ENISA) Cyber Europe 2016 was the fourth pan-European cyber crisis exercise organised bythe European Union Agency for Network and Information Security (ENISA).
CERT alerts Information about KASPERAGENT malware campaign ThreatConnect has identified a KASPERAGENT malware campaign leveraging decoy Palestinian Authority documents. The samples date from April - May 2017, coinciding with the run up to the May 2017 Palestinian Authority elections.
CERT alerts Information about Win32/Industroyer a new threat against industrial control systems specifically Control systems used in electrical substations Win32/Industroyer is a sophisticated piece of malware designed to disruptthe working processes of industrial control systems (ICS), specificallyindustrial control systems used in electrical substations.
CERT alerts Analyzis of CRASHOVERRIDE the threat to Electric Grid Operations Dragos, Inc. was notified by the Slovak anti-virus firm ESET of an ICS tailored malware on June 8th, 2017.
Symantec Symantec Internet Security Threat Report 2017 Cyber attackers revealed new levels of ambition in 2016, a year marked by extraordinary attacks, including multi-million dollar virtual bank heists, overt attempts to disrupt the US electoral process by state-sponsored groups
CERT alerts Information about PLATINUM file transfer tool Back in April 2016, we released the paper PLATINUM: Targeted attacks in South and Southeast Asia , where we detailed the tactics, techniques, and procedures of the PLATINUM activity group.
CERT alerts Information about a phishing campaign targeting global law and investment firms In May and June 2017, FireEye observed a phishing campaign targeting at least seven global law and investment firms. We have associated this campaign with APT19, a group that we assess is composed of freelancers, with some degree of sponsorship by the Chinese government.
CERT alerts Information about operation Cobalt Kitty In this APT, the threat actor was very aware of the risks of exposure and tried to combat attribution as much as possible. This is often the case in this type of large-scale cyber espionage operations.
CERT alerts Cobalt Kitty: A large-scale APT in Asia The investigation of a massive cyber espionage APT (Advanced Persistent Threat) became a game of one-upmanship between attackers and defenders. Dubbed Operation Cobalt Kitty, the APT targeted a global corporation based in Asia with the goal of stealing proprietary business information.
CERT alerts Researchers concluded that Chinese Ministry of State Security is behind APT3 APT3 is the first threat actor group that has been attributed with a high degree of confidence directly to the Chinese Ministry of State Security (MSS).
CERT alerts Information about APT32 and th Threat to Global Corporations mainly in Vietnam Cyber espionage actors, now designated by FireEye as APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists.
CERT alerts Information about cyber attack against Indian Central Bureau of Investigation (CBI) and Indian army officials IDSA (Institute for Defence Studies and Analyses) is an Indian think tank for advanced research in international relations.
CERT alerts Information about new versions of MM Core (file-less APT) BigBoss, and SillyGoose In October 2016 Forcepoint Security Labs™ discovered new versions of the MM Core backdoor being used in targeted attacks. Also known as “BaneChant”, MM Core is a file-less APT which is executed in memory by a downloader component.
CERT alerts Information about APT targets financial analysts in Russia and neighboring countries On April 20, Proofpoint observed a targeted campaign focused on financial analysts working at top global financial firms operating in Russia and neighboring countries.
CERT alerts Information about the Blockbuster sequel Unit 42 has identified malware with recent compilation and distribution timestamps that has code, infrastructure, and themes overlapping with threats described previously in the Operation Blockbuster report, written by researchers at Novetta.
