Tag Archive for: creative

What makes North Korean hacking groups more creative?


North Korean leader Kim Jong Un meets with former U.S. President Donald Trump within the demilitarized zone (DMZ) separating South and North Korea in 2019. (Handout photo by Dong-A Ilbo via Getty Images/Getty Images)

When cybersecurity experts talk about APT groups targeting the U.S. and its allies, they usually end up connecting the activity to one of “The Big Four:” Russia, China, Iran and North Korea. While these countries are far from the only ones conducting clandestine operations in cyberspace today, they’re often pegged as the most sophisticated and thus tend to get much of the attention.

But that doesn’t mean they all operate the same way. From a preference for writing custom malware code to pioneering new strategies, North Korean hacking groups have shown an innovative spirit that allows them to punch above their weight despite crushing sanctions.

At the 2021 RSA Conference, Dmitri Alperovitch, former co-founder and chief technology officer at CrowdStrike, said North Korean hacking groups, many of which operate under the umbrella name Lazarus Group, stand out considerably from their other Big Four counterparts in the creativity of their hacking campaign tactics and the way they eschew popular commercial offensive tools.

“They’re in some ways my favorite actor in cyberspace, because they’re just so incredibly innovative,” said Alperovitch, now executive chairman at the Silverado Policy Accelerator.

In the early 2000s, North Korean intelligence agencies like the Reconnaissance General Bureau “pioneered” the concept of destructive cyberattacks in digital skirmishes with their South Korean neighbors, while the country’s 2014 hack of entertainment giant Sony foretold the coming era of hack and leak operations that would be picked up by Russia just a few more years down the line.

Alperovitch said that in recent years, Russian, Chinese and Iranian APTs have increasingly incorporated publicly available commercial offensive hacking tools like Cobalt Strike or open-source tools like the credential harvesting Mimikatz in their operations in lieu of writing their own malware, because they are less expensive and because using…


US government taking creative steps to counter cyberthreats :: WRAL.com


An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for its use, a top national security official said Wednesday.

The department this month announced that it had obtained a warrant from a federal judge in Texas to remove web shells, or malicious code that gives hackers a foothold into networks, from hundreds of vulnerable computers affected by a hack that Microsoft has blamed on a group operating from China.

The FBI operation was designed to disrupt the effects of a hack that affected untold thousands of servers running the Microsoft Exchange email program. Many victims took steps on their own to safeguard their systems, but for those who did not, the Justice Department stepped in to do it for them with a judge’s approval.

It was the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.

“We have a decision to make, which is are we going to go ahead and do that action ourselves or are we just going to leave that malware there, sort of unremediated,” said Assistant Attorney General John Demers, speaking at a virtual discussion hosted by the Project of Media & National Security at George Washington University.

He said the operation was one of the very first of its kind and was discussed extensively beforehand by the FBI and the Justice Department. The department is figuring out how it plans to use the tool in the future.

“We don’t yet have sort of worked out what our criteria are going to be going forward,” Demers said. “Now that we’ve had this experience, that’s the kind of discussion we’re having internally now.

“This is not a tool of first resort that we’re going to be using a couple times a week as different intrusions come up,” he added. “This does require working with the private sector on the right solution. It does require testing to be sure that…


Moto G5S Plus review: Get creative with the dual camera for $300 – DeathRattleSports.com

Even at less than $300, Lenovo brought some innovation to the Moto G5 Plus that we have yet to see on other Android phones. With the G5S Plus, you will find the home button doubles as a fast fingerprint scanner. We saw Motorola …
