Tag Archive for: Malware

“Exploit This”: Evaluating the exploit skills of malware groups

SophosLabs researcher Gabor Szappanos compares APT actors and cybercrooks. A comparative review of malware writers! A fascinating study, well worth a read…
Naked Security – Sophos

Syrian rebels lured into malware honeypot sites through “sexy” online chats

Hacking for “signals intelligence” doesn’t take NSA-level resources; it doesn’t even require very sophisticated exploit tools. Using a combination of Windows and Android malware and some very simple social engineering, a group aligned with the regime of Syrian President Bashar Al-Assad have raked in a wealth of intelligence on Syrian opposition groups. And they did it by pretending to be women and flirting with their victims.

Over the past two years, using a combination of fake social media and Skype accounts associated with fictional female supporters of Syrian rebel groups, the group—apparently operating from Lebanon—fooled rebel soldiers and others providing aid to them into downloading malware to their computers and Android smartphones. As revealed in a report published today by FireEye (PDF), the group (which may have been associated with Hezbollah) was able to harvest not just personal information on their targets, but also battle plans and other intelligence information that could have been used by Hezbollah and the Syrian government’s troops to counter the opposition.

FireEye discovered the operation during a malware investigation, uncovering a cache of 7.7 gigabytes of stolen data on a German server. The data contains Skype databases including chat logs and contacts, as well as documents and images.


Ars Technica » Technology Lab

LightCyber rolls out new features for endpoint malware detection platform

LightCyber, another security startup with roots in the Israeli military, has opened its doors in the U.S. and is announcing new products and features to make its mark in the crowded field of endpoint detection and remediation.

The company’s Magna Breach Detection Platform monitors and analyzes network traffic as well as activity on Windows endpoints in search of anomalous behavior that it can identify as malware.

So far it’s having pretty good success in North America, with about 40 customers signed up for its appliances, software and services. It opened shop in Los Altos, Calif., last year, augmenting its headquarters that was already established in Ramat Gan, Israel, according to the company’s chief marketing officer Jason Matlof.

Network World Tim Greene

Researchers Link Regin to Malware Disclosed in Recent Snowden Documents – Threatpost

The Regin malware platform was disclosed in late November by Kaspersky Lab and it was quickly labeled one of the most advanced espionage malware platforms ever studied, surpassing even Stuxnet and Flame in complexity. The platform is used to steal …
Researchers link QWERTY keylogger code to NSA and Five Eye's Regin – Network World
