Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
Tag Archives: apt
IBM Opens Attack Simulation Test Center
IBM introduced on Wednesday a new Cyber Range attack simulator during the opening of its global security headquarters in Cambridge, Mass.
Microsoft Patches Zero Day Disclosed by Google
Microsoft released 14 security bulletins today, six rated critical. Among the fixes is a patch for a Windows kernel zero-day vulnerability disclosed by Google that was being used in attacks by the Sofacy APT gang.
Microsoft Says Russian APT Group Behind Zero-Day Attacks
Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.
Attributing Advanced Attacks Remains Challenge For Researchers
Kaspersky Lab researchers participated in a Reddit AMA, touching on topics such as attack attribution, critical infrastructure security, attacker and researcher tradecraft, and the shortage of security talent.
ScarCruft APT Group Used Latest Flash Zero Day in Two Dozen Attacks
The ScarCruft APT gang has made use of a Flash zero day patched Thursday by Adobe to attack more than two dozen high-profile targets in Russia and Asia primarily.
Fix Coming for Flash Vulnerability Under Attack
Adobe is expected to this week patch a Flash Player vulnerability being exploited in targeted attacks.
APT Groups Finding Success with Patched Microsoft Flaw
Researchers at Kaspersky Lab have identified six APT groups using exploits for a Microsoft Office flaw that was patched in September 2015.
Platinum APT Group Abuses Windows Hotpatching
Microsoft disclosed details on the Platinum APT group and its arsenal of backdoors, keyloggers and its abuse of Windows hotpatching to load malicious code on compromised computers.
Misunderstanding Indicators of Compromise
In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter explain the dangers of conflating measurable events, or observables, with indicators of compromise, which require context and other constructs to provide true threat intelligence.