AT&T Alien Labs yesterday released a report on the SideWinder threat actor. SideWinder is believed to have been active at least since 2012, but Alien Labs concentrates on operations since 2017. Its usual tactics include spearphishing, “document exploitation, and DLL Side Loading.” Attribution is uncertain, but SideWinder has been most often reported active against Pakistani military targets, and Alien Labs thinks “with low to medium confidence” that SideWinder is an Indian operation. It seems at the very least to work in support of Indian interests.
Google’s Project Zero has begun a series on zero-days it’s found undergoing active exploitation in the wild. This week it describes a set of four that were used to craft malicious websites to entrap Windows and Android users. The campaign was sophisticated, evasive, and expensive to mount. The vulnerabilities exploited (CVE-2020-6418, Chrome Vulnerability in TurboFan; CVE-2020-0938, Font Vulnerability on Windows; CVE-2020-1020, Font Vulnerability on Windows; and CVE-2020-1027, Windows CSRSS Vulnerability) were all been fixed in 2020.
The US Cybersecuriy and Infrastructure Security Agency (CISA) has issued a warning about successful cyber operations directed against cloud services whose users are afflicted with poor cyber hygiene. CISA’s Analysis Report also includes a set of recommendations for ways in which enterprises can improve their cloud security.
Group-IB this morning released a report about Classiscam, a scam-as-a-service criminal enterprise hawking malicious classified ads.
BankInfo Security says SolarLeaks has added Microsoft and Cisco code to their offerings, joining SolarWinds and FireEye swag. There’s still no solid evidence the offer's genuine.
January 13, 2021 at 03:00PM
https://ift.tt/3sst71i
SideWinder APT described. Project Zero describes sophisticated crime. CISA advice on cloud hygiene. Scam-as-a-service. SolarLeaks update. - The CyberWire
https://ift.tt/2WinW4G
Bagikan Berita Ini
0 Response to "SideWinder APT described. Project Zero describes sophisticated crime. CISA advice on cloud hygiene. Scam-as-a-service. SolarLeaks update. - The CyberWire"
Post a Comment