Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT.
IBM introduced on Wednesday a new Cyber Range attack simulator during the opening of its global security headquarters in Cambridge, Mass.
Microsoft released 14 security bulletins today, six rated critical. Among the fixes is a patch for a Windows kernel zero-day vulnerability disclosed by Google that was being used in attacks by the Sofacy APT gang.
Microsoft said Russian APT group Sofacy, which has ties to the country’s military intelligence operations, has been using Windows kernel and Adobe Flash zero day vulnerabilities in targeted attacks.
Kaspersky Lab researchers participated in a Reddit AMA, touching on topics such as attack attribution, critical infrastructure security, attacker and researcher tradecraft, and the shortage of security talent.
The ScarCruft APT gang has made use of a Flash zero day patched Thursday by Adobe to attack more than two dozen high-profile targets in Russia and Asia primarily.
Adobe is expected to this week patch a Flash Player vulnerability being exploited in targeted attacks.
Researchers at Kaspersky Lab have identified six APT groups using exploits for a Microsoft Office flaw that was patched in September 2015.
Microsoft disclosed details on the Platinum APT group and its arsenal of backdoors, keyloggers and its abuse of Windows hotpatching to load malicious code on compromised computers.
In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter explain the dangers of conflating measurable events, or observables, with indicators of compromise, which require context and other constructs to provide true threat intelligence.