InfoSec Week 23, 2017

Posted on 12 June 2017

Turla malware communicates with its C&C infrastructure through comments posted on Britney Spears's Instagram account.
https://www.welivesecurity.com/2017/06/06/turlas-watering-hole-campaign-updated-firefox-extension-abusing-instagram/

The gang behind the Platinum threat is using the Intel Active Management Technology (AMT) Serial-over-LAN channel to bypass the software firewall when transferring files. This works because the low-level technology is independent of the operating system.
https://blogs.technet.microsoft.com/mmpc/2017/06/07/platinum-continues-to-evolve-find-ways-to-maintain-invisibility/

Montenegro is continuously targeted by cyber attacks attributed to the APT28 group as part of a broader influence campaign.
http://securityaffairs.co/wordpress/59820/apt/apt28-targets-montenegro.html

MacSpy malware-as-a-service is a feature-rich RAT targeting the OS X operating system.
https://www.alienvault.com/blogs/labs-research/macspy-os-x-rat-as-a-service

IBM researchers analyzed the QakBot banking trojan, which is responsible for locking out hundreds of Active Directory users.
https://securityintelligence.com/qakbot-banking-trojan-causes-massive-active-directory-lockouts/

Linux malware is installing cryptocurrency mining software on Raspberry Pi devices via SSH. It uses only the default SSH user and passphrase.
https://www.bleepingcomputer.com/news/security/linux-malware-mines-for-cryptocurrency-using-raspberry-pi-devices/

The GNU Privacy Guard (GnuPG) developers have started a new fundraising effort for the continued development of this well-known encryption software.
If you want to know more about the capabilities of GnuPG, check the linked "An Advanced Intro to GnuPG" presentation from last year.
Please donate.
https://gnupg.org/donate/
https://begriffs.com/posts/2016-11-05-advanced-intro-gnupg.html

