Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

Original release date: January 6, 2020


The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the United States and Iran’s historic use of cyber offensive activities to retaliate against perceived harm.

[Heads Up] Iran Has Launched Evil New Malware That Wipes Your Windows Workstations

IBM warns that Iran’s state-sponsored hackers have deployed a new strain of malicious wiper malware, which has been aimed at the “industrial and energy sectors” in the Middle East, but you can expect that to expand worldwide.

No specific companies have been identified, but there’s no surprise in the nature of the attack. For Iran, its ongoing hybrid conflict with the U.S. and its allies has made these sectors a target. IBM has attributed the latest “destructive attacks” to Iran’s hyperactive APT34 “and at least one other group, [also] likely based out of Iran.”

Iran Has Shut Off its Internet

Iran has gone pretty much entirely offline in the wake of nationwide protests. This is the best article detailing what’s going on; this is also good.

AccessNow has a global campaign to stop Internet shutdowns.

$5m bounty set on the alleged head of Evil Corp banking Trojan group

Know where Maksim “Aqua” Yakubets is? Can you pry him out of Russia and his Lamborghinis? The biggest ever cybercrook reward awaits!

See also AA19-339A: Dridex Malware

Uncle Sam opens arms to friendly hackers

All you bug hunters out there are about to get a nice Christmas gift – the US federal government finally wants to hear from you.

Fake Android apps uploaded to Play store by notorious Sandworm hackers

The Russian ‘Sandworm’ hacking group has been caught repeatedly uploading fake and modified Android apps to Google’s Play Store.

Avast CEO Downplays Collection Of 400 Million Users’ Browsing Data

from the you’re-not-helping dept

Enter antivirus and security firm Avast, which has been taking heat after it was discovered that the company’s services are collecting user browsing data. In an ideal world, companies that profess to be dedicated to protecting users from malware and privacy threats probably shouldn’t contribute to the problem. In the world we live in however, that’s often not the case–as everybody saw when Facebook tried to sell its users on a “privacy protecting VPN” that actually hoovered up their browsing data, providing insight into user behavior when…

The Year in Review: 10 cybersecurity stories in 2019 that make us feel less secure

Jack Wallen runs through 10 of the most important cybersecurity threats, breaches, tools, and news of last year.


Snatch ransomware pwns security using sneaky ‘safe mode’ reboot

The Sophos Managed Threat Response (MTR) team has warned the industry of a dangerous new ransomware trick.



About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com