Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


If Microsoft buying GitHub freaks you out, here are your best alternatives

Microsoft is a relatively new friend to open source, and their purchase of GitHub is causing considerable consternation to developers.


Facebook data privacy scandal: A cheat sheet

Read about the saga of Facebook’s failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.


Watch This Hacker Take Over A Computer in Less Than 2 Minutes


More Information about Travel Security

Wherever we may roam we rely on portable devices—laptops, smartphones and tablets—for directions, tips on restaurants and entertainment, and to stay connected to work and family.


TA18-149A: HIDDEN COBRA – Joanap Backdoor Trojan and Brambul Server Message Block Worm

05/29/2018 08:18 AM EDT  Original release date: May 29, 2018

Overview

This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with two families of malware used by the North Korean government:

  • a remote access tool (RAT), commonly known as Joanap; and
  • a Server Message Block (SMB) worm, commonly known as Brambul.

The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit https://www.us-cert.gov/hiddencobra.


 

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.