TSEC NEWS: 10.04.21 - Back again ||| cooming soon - 1. TSec-Accounts 2.comments 3. personalized feed... if i have the time

❈ Researchers uncover a new Iranian malware used in recent cyberattacks

IT Security Nachrichten feedproxy.google.com

An Iranian threat actor has unleashed a new cyberespionage campaign against a possible Lebanese target with a backdoor capable of exfiltrating sensitive information from compromised systems. Cybersecurity firm Check Point attributed the operation to APT34, citing similarities with previous techniques used by the threat actor as well as based on its pattern of victimology. APT34 (aka OilRig) is...


Kompletten Artikel lesen (externe Quelle: http://feedproxy.google.com/~r/TheHackersNews/~3/hz96-cUbfVk/researchers-uncover-new-iranian-malware.html)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 250.42 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 250.42 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad

vom 247.12 Punkte
Original release date: January 6, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infras

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

vom 224.36 Punkte
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity

Iran-linked Hackers Adopt New Data Exfiltration Methods

vom 216.74 Punkte
An Iran-linked cyber-espionage group has been using new malware and data exfiltration techniques in recent attacks, security firm Nyotron has discovered. The threat actor, known as OilRig, has been active since 2015, mainly targeting United States and Middle Ea

Iran-linked Hackers Adopt New Data Exfiltration Methods

vom 216.74 Punkte
An Iran-linked cyber-espionage group has been using new malware and data exfiltration techniques in recent attacks, security firm Nyotron has discovered. The threat actor, known as OilRig, has been active since 2015, mainly targeting United States and Middle Ea

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

vom 198.75 Punkte
Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result o

MMD-0037-2015 - A bad Shellshock & Linux/XOR.DDoS CNC "under the hood"

vom 188.31 Punkte
The background Yesterday was a hectic day when we gathered to check all recent ELF threats cross-fired in the internet traffic when I was informed of a recent shellshock attack. Seeing the command pattern of the one-liner shell executed script used I knew

MMD-0037-2015 - A bad Shellshock & Linux/XOR.DDoS CNC "under the hood"

vom 188.31 Punkte
The background Yesterday was a hectic day when we gathered to check all recent ELF threats cross-fired in the internet traffic when I was informed of a recent shellshock attack. Seeing the command pattern of the one-liner shell executed script used I knew

Another country-sponsored #malware: Vietnam APT Campaign

vom 179.48 Punkte
The background This is a team work analysis, we have at least 5 (five) members involved with this investigation. The case that is about to be explained here is an APT case. Until now, we were (actually) avoiding APT cases for publicity in Malware Must Die

Another country-sponsored #malware: Vietnam APT Campaign

vom 179.48 Punkte
The background This is a team work analysis, we have at least 5 (five) members involved with this investigation. The case that is about to be explained here is an APT case. Until now, we were (actually) avoiding APT cases for publicity in Malware Must Die

MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module

vom 174.45 Punkte
Background Apparently Linux ELF malware is becoming an interesting attraction from several actors from People Republic of China(in short: PRC). This post is one good example about it. It explains also why myself, from my team (MMD), put many effort t

Team Security Diskussion über Researchers uncover a new Iranian malware used in recent cyberattacks