Original release date: January 6, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the United States and Iran’s historic use of cyber offensive activities to retaliate against perceived harm. More…
IBM warns that Iran’s state-sponsored hackers have deployed a new strain of malicious wiper malware, which has been aimed at the “industrial and energy sectors” in the Middle East but you can expects that to expand worldwide.
No specific companies have been identified, but there’s no surprise in the nature of the attack. For Iran, its ongoing hybrid conflict with the U.S. and its allies has made these sectors a target. IBM has attributed the latest “destructive attacks” to Iran’s hyperactive APT34 “and at least one other group, [also] likely based out of Iran.”
Know where Maksim “Aqua” Yakubets is? Can you pry him out of Russia and his Lamborghinis? The biggest ever cybercrook reward awaits!
See also AA19-339A: Dridex Malware
All you bug hunters out there are about to get a nice Christmas gift – the US federal government finally wants to hear from you.
The Russian ‘Sandworm’ hacking group has been caught repeatedly uploading fake and modified Android apps to Google’s Play Store.
from the you’re-not-helping dept
Enter antivirus and security firm Avast, which has been taking heat after it was discovered that the company’s services are collecting user browsing data. In an ideal world, companies that profess to be dedicated to protecting users from malware and privacy threats probably shouldn’t contribute to the problem. In the world we live in however, that’s often not the case–as everybody saw when Facebook tried to sell its users on a “privacy protecting VPN” that actually hoovered up their browsing data, providing insight into user behavior when… (full story)
The Year in Review: 10 cybersecurity stories in 2019 that make us feel less secure
Jack Wallen runs through 10 of the most important cybersecurity threats, breaches, tools, and news of last year.
The Sophos Managed Threat Response (MTR) team has warned the industry of a dangerous new ransomware trick.