now browsing by tag
As the US justice department forges ahead with its investigation into the Trump administration and any possible collusion with Russia, the Fancy Bear hackers continue refining their attacks against global targets. As part of their new phishing campaign, the hackers are capitalising on the recent New York terror attack, to trick users into clicking on malicious documents, which in turn infects systems with their malware.
The Kremlin-linked hackers first made headlines during the 2016 US presidential campaign and are now widely considered to have orchestrated the cyberattacks against the US Democratic Party. The cyberespionage group has since been actively involved in various campaigns over the past year, targeting organisations and individuals across the globe.
The Fancy Bears’ most recent campaign, uncovered by security researchers at McAfee, involves the use of a black malicious document, titled “IsisAttackInNewYork”, which when clicked drops the hackers’ first-stage reconnaissance malware dropper Seduploader. The implant collects basic data from infected PCs and profiles prospective victims. Once hackers determine some interest in the victim, the implant then drops Fancy Bears’ customised malware X-Agent or Sedreco.
View full post on National Cyber Security Ventures
In early October, the Russian hacking group, infamous for infiltrating the computer networks of the Democratic National Committee (DNC) last year, launched a new operation targeting potential attendees of an upcoming US cybersecurity conference, research suggests.
The Kremlin-linked unit, known as APT28 or Fancy Bear, weaponised a real Word document titled “Conference_on_Cyber_Conflict.doc” with a reconnaissance malware known as “Seduploader” to target delegates from Washington DC-based Cyber Conflict US, or CyCon.
The two-page file, lifted from the conference’s website, was created on 4 October and threat researchers from Cisco Talos, who first spotted the malware, said that attacks peaked three days later.
“Due to the nature of the document, we assume that the targeted people are linked or interested by the cybersecurity landscape,” three Talos experts wrote in a joint report (22 October).
High profile speakers billed to talk at CyCon, which is set to take place on 7-8 November, includes former US National Security Agency director Keith Alexander and current commanding general of the US Army’s Cyber Command, Paul Nakasone.
The Fancy Bear hackers, known to Talos as “Group 74”, has been linked to the Seduploader in the past and regularly uses real-world events as the launch pad for attacks.
Multiple cybersecurity analysts believe the hackers are associated with Russian intelligence.
“In this case, Group 74 did not use an exploit or any 0-day but simply used scripting language embedded within the Microsoft Office document,” Talos said.
Zero-day exploits are typically used in sophisticated attacks and exploit a gap in security previously unknown to anyone, including vendors and manufacturers.
“We could suggest that they did not want to utilise any exploits to ensure they remained viable for any other operations,” the team continued.
“Actors will often not use exploits due to the fact that researchers can find and eventually patch [fix] these which renders the actors’ weaponised platforms defunct.”
If the Fancy Bear cyberattack was successful, the team would attempt to siphon any secretive data from victims’ computers. In one of its most famous attacks, it exfiltrated tens of thousands of emails from the DNC network, which were later leaked online for the world to see.
A US military spokesperson told The Daily Beast that it was aware of the attempted hacks and had launched an investigation. “We will publish details as appropriate,” he added.
News of the Fancy Bear operation was published in the wake of a report from US-Cert, a division of homeland security, which said officials had observed attempted hacks on “government entities and organisations in the energy, nuclear, water, aviation, and critical manufacturing sectors”.
These were also linked, at least on first analysis, to Russian cyber-espionage operatives.
View full post on National Cyber Security Ventures
The 11 year old ‘cyber ninja’ who stunned experts at a security conference by hacking their phones and showing how to ‘weaponise’ a smart teddy bear
To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ An 11-year-old ‘cyber ninja’ stunned an audience of security experts Tuesday by hacking into their Bluetooth devices to manipulate a teddy bear and show how interconnected smart toys ‘can be weaponised’. …
View full post on Become007.com
Source: National Cyber Security – Produced By Gregory Evans The Fancy Bear hackers, believed to be sponsored by Russia’s main intelligence arm, the GRU, are back at it and have successfully breached the International Association of Athletics Federations. The IAAF is the world governing body for track and field. … The post Russia’s Fancy Bear […]
The post Russia’s Fancy Bear Hackers Are Stealing Athlete Drug Data Again appeared first on AmIHackerProof.com.
View full post on AmIHackerProof.com | Can You Be Hacked?
The Children’s Advocacy Center of Collin County (CACCC) is calling all motorcyclists to participate in the Teddy Bear Ride on Oct. 25 to raise money and awareness for abused children.
For the past 23 years, the Teddy Bear Ride has united hundreds of bikers to highlight the plight of abused children and encourage others to join the fight against child abuse.
“I think it’s a way for the community at large and all walks of life to be able to participate in a really powerful message,” said Lynne McLean, CEO of the CACCC. “There’s no excuse for child abuse. … We are so appreciative of our supporters and the many hundreds of participants who make this event possible and such an incredible visual reminder that child abuse has no place in Collin County.
The post Teddy Bear Ride raises awareness for child abuse, neglect appeared first on Parent Security Online.
View full post on Parent Security Online