I’ve seen numerous compliments for this graphic by Micke, so… here’s a high-res version.
Source: State of Cyber Security 2017
We’ve published a White Paper today titled: The Callisto Group. And who/what is the Callisto Group? A good question, here’s the paper’s summary. Heavy use of spear phishing, and malicious attachments sent via legitimate, but compromised, email accounts. Don’t click “OK”.
I’ve just started experimenting with Tweepy to write a series of scripts attempting to identify Twitter bots and sockpuppet rings. It’s been a while since I last played around with this kind of stuff, so I decided to start by writing a couple of small test scripts. In order to properly test it, I needed to point […]
There’s news today of a BAE/PWC report detailing a Chinese-based hacking group campaign dubbed “Operation Cloud Hopper”. Chinese Group Is Hacking Cloud Providers to Reach Into Secure Enterprise Networks https://t.co/Le4E4Se2Hc pic.twitter.com/adpDyWYa6C — News from the Lab (@FSLabs) April 5, 2017 This operation is what’s known as an upstream attack, a method of compromise that we […]
Yesterday, between 9:00 and midnight GMT, we observed three massive malware spam runs. The magnitude clearly stood out from the average daily amount of spam with attachments. The campaigns were largely sent to accounts with email addresses in the co.uk TLD. The first run, with subject lines such as “Your Booking 938721” (numbers vary) started at […]
Google announced on Wednesday that it will soon add real-time location sharing to Google Maps. The feature set appears to be very reminiscent of Google Latitude, which was introduced (way back) in 2009. Location sharing will undoubtedly be a popular option for many, but, it may come with OPSEC considerations for others. Here’s what I wrote about […]
A Turkish hacking group is reportedly attempting to extort Apple over a compromised cache of iCloud account data. This activity is on the heels of last week’s Turkish-related Twitter account hacks via a service called Twitter Counter. And that brings to mind this article (by Andy)… OVER THE PAST FEW YEARS, you’ve probably heard […]
We’ve been asked numerous questions about WikiLeaks’ March 7th CIA document dump. Did the news surprise you? No. Spies spy. And that spies use hacking tools… is expected. (“Q” does cyber these days.) Does this mean that the CIA will have to start over and rebuild a completely new set of tools? Does it need […]
Apple and Google have issued statements to the media regarding WikiLeaks’ March 7th publication of CIA documents. Here’s Apple’s statement via BuzzFeed News. According to Apple, its “products and software are designed to quickly get security updates” to its customers. So, just how well does that statement hold up to what we see in-the-wild? Well, […]
AV-Test has awarded F-Secure Client Security with Best Protection 2016! And as tradition dictates, we took it on a tour of Helsinki. As a reminder, AV-Test’s Best Protection award is based on continuous real-world testing, over the entire year, against the most reliable and well-trusted endpoint protection vendors on the market. We’re proud to have, once […]
Jarkko Turkulainen, a Senior Researcher on our Threat Intelligence team, has (today!) publicly released a research tool called Reflash. It’s a proof-of-concept framework for analyzing Adobe Flash files. It produces an SQL database of Flash VM stack traces by injecting dynamically generated instrumentation into Flash files. The SQL database can later be analyzed with various […]