A quick Saturday digest of cybersecurity news articles from other sources.
If Microsoft buying GitHub freaks you out, here are your best alternatives
Microsoft is a relatively new friend to open source, and their purchase of GitHub is causing considerable consternation to developers.
Facebook data privacy scandal: A cheat sheet
Read about the saga of Facebook’s failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.
Watch This Hacker Take Over A Computer in Less Than 2 Minutes
More Information about Travel Security
Wherever we may roam we rely on portable devices—laptops, smartphones and tablets—for directions, tips on restaurants and entertainment, and to stay connected to work and family.
TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm
05/29/2018 08:18 AM EDT Original release date: May 29, 2018
Overview
This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:
- a remote access tool (RAT), commonly known as Joanap; and
- a Server Message Block (SMB) worm, commonly known as Brambul.
The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.
Share
JUN
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com