May 23, 2013 – The Register: China’s exposed crack cyberspy crew dumps ‘most’ of its kit
The infamous APT1 cyberespionage crew is diminished but not defeated following its public exposure three months ago. Cyber Squared, another threat intelligence firm, reported a month ago that APT1 was still in business. However, at the time it said there was no discernible difference in the group’s implant technologies or command and control capabilities. The group’s target selection process also remained unaltered, according to Cyber Squared.
April 30, 2013 – Dark Reading: Chinese Cyberespionage: Brazen, Prolific, And Persistent
China, China, China: New data and intelligence is shedding more light on just how bold and pervasive Chinese cyberespionage activity is today. “I was personally part of the camp that thought these guys would change significantly” after the Mandiant report was published, says Rich Barger, chief intelligence officer with Cyber Squared, which last week unveiled new evidence of the group targeting the defense and aerospace community using many of the same techniques and command-and-control (C&C) capabilities as before.
April 29, 2013 – The Register: Chinese cyber-spook crew back in business, say security watchers
The widely feared Chinese cyber-espionage crew known as APT1 is back in business two month after a high profile report that lifted the lid off its activities, according to security researchers. Cyber Squared has been tracking numerous Chinese cyber espionage threat groups within ThreatConnect.com and crowd-sourcing threat intelligence with nearly 400 global security researchers. All signs suggest that “Comment Crew” and other Chinese APT threat groups are still conducting exploitation operations. In fact, there has been little change detected within “Comment Crew” operations.
April 26, 2013 – USA Today: Cyberspying from North Korean IP addresses spike
Speaking of which, security start-up Cyber Squared on Thursday reported that the “Comment Crew” also known as “APT1″ is back in action. You may recall this spy gang with ties to the Chinese military grabbed headlines a couple of months ago when forensics firm Mandiant released a detailed report of how the gang’s day-to-day activities.
April 15, 2013 Upcoming webinar
Register to attend Cyber Squared’s Threat Intelligence quarterly update webinar. Spend your lunch hour with our intelligence team on Wednesday, April 17th as they review noteworthy events, case studies, and ThreatConnect updates from the first quarter.
April 11, 2013 – CSO: Targeted social media attacks said to be underreported
Security company Cyber Squared reported this week how three Chinese political activists in and outside of the country were sent tweets from Twitter that contained links to two compromised websites.
April 10, 2013 – ThreatPost: Rogue Twitter Account Used in Targeted Attacks Against Free Tibet Supporters
Researchers at Cyber Squared, an Arlington, Va.-based security company, published their findings this week. The links in the tweets, analyst Wes Hurd wrote, led to a Tibet WordPress blog and a Chinese-language forum; both served up Adobe Flash exploits used in the past to attack aerospace companies as well as an online payroll provider.
March 21, 2013 – AlienVault Labs: New Sykipot developments
Cyber Squared Sykipot research was mentioned in this Alienvault Labs blog post. In the post, Alienvault Labs exposes several campaigns and new versions of the backdoor they have used to access the compromised systems.
March 21, 2013 – The Register: Cyberspies send ZOMBIES to steal DRUGS from medical research firms
Cyber-espionage crews have been targeting the lucrative medical and life science industries using custom malware and spear-phishing, according to new research. Security intelligence firm Cyber Squared said that at least three distinct groups have targeted the industry for more than two years since 2010. It has posted a blog post  exposing some of the techniques and tradecraft of cyberspies targeting the life science sector. A single drug can cost up to $1bn to develop, the security bods note.
March 14, 2013 – Dark Reading: Medical Industry Under Attack By Chinese Hackers
Multiple gangs of Chinese cyberespionage hackers are now targeting the healthcare and medical/life sciences industries. Most every industry is fair game for cyberespionage these days — so it’s no surprise that the healthcare and medical industry would come up on the list — but, to date, it has been a field more abused by cybercriminals motivated by medical identity theft and other financial fraud.
February 27, 2013 – USA Today: Security tools reveal cyberintruders’ trickery
Cyber Squared, for one, has built openness into its business model. The security start-up recently launched ThreatConnect.com, an online exchange where some 150 security researchers and 45 organizations convene around the clock to share data and brainstorm.
February 27, 2013 – The Register: APT1, that scary cyber-Cold War gang: Not even China’s best
Shanghai hackers APT1 – outed this month in a high-profile report that linked them to the Chinese military – may not be China’s top cyber-espionage team despite its moniker. Security experts say the team is more prolific than leet.
February 19, 2013 – USA Today: Chinese military hackers were ‘noisy’
The Chinese military hacking group that has stolen huge amounts of data from U.S. organizations is one of some 20 active cyberspying groups engaging in comparable data theft and espionage.
February 6, 2013 - Dark Reading: More Data On Attackers, But Attribution Still Dodgy
Identifying the groups behind attacks is still a dicey proposition, but security firms are collecting more information on attackers’ techniques and their infrastructure.
February 6, 2013 - The Register: NYT hacks part of wider war on western media firms
Recent hack attacks on the New York Times and the Wall Street Journal may be simply the most prominent out of a wider series of assaults against western media firms, according to a cyber-security intelligence firm.
February 4, 2013 - USA Today: Why the New York Times network was simple to breach
Originally posted on lastwatchdog.com – The recent network breaches of the New York Times and Wall Street Journal may be the tip of the iceberg. At least six separate Chinese hacking groups, steeping in Advanced Persistent Threat, or APT tactics, are likely responsible for targeting US, UK, Australian, Canadian, Korean and Philippine media organizations, says Adam Vincent, CEO of security startup Cyber Squared, which runs the ThreatConnect intelligence-sharing exchange.
July 26, 2012 - Bloomberg: Hackers Linked To China’s Army Seen From EU To D.C.
July 12, 2012, Cyber Squared Inc. is a prime contractor on the SEAPORT Enhanced (SEAPORT-e) multiple award contract from the Naval Surface Warfare Center (NSWC) in Dahlgren, VA. Click here to read more.
May 22, 2012 - Washingtonian: Cyber Spies Target Washington Think Tanks and Law Firms
May 11, 2012 Upcoming webinar
Due to the positive response our Project Enlightenment case study has generated, we will hold a webinar on Wednesday, May 30th to share additional insights into our cyber espionage investigation. Click for More Information and to Register.
May 9, 2012 - CSO Online: CSOs warned of serious cyber-espionage attack
May 8, 2012 - Darkreading: Targeted Attack Infiltrates At Least 20 Companies
May 3, 2012 - Christian Science Monitor: Cyber Squared Exclusive - China blamed for multi-continent cyberspying caper in 2011
May 2, 2012 - Infosec ISLAND: Project Enlightenment Attacks Reminiscent of Shady Rat
Security provider Cyber Squared has released a detailed report examining a widespread cyber espionage operation that targeted a variety of companies and organizations across multiple sectors.
May 1, 2012 - Press Release: Cyber Squared Releases Cyber Espionage Case Study
Cyber Squared’s newly released case study highlights the seriousness of cyber threats to all types of organizations. Click here to read a summary and download the case study.
April 30, 2012 – SYS-CON Media – “Small Businesses – Often Overlooked But Just As Vulnerable To Cyber Attacks”
Read Adam Vincent’s latest SYS-CON Media article on what small businesses can do to protect themselves and mitigate the risk of losing customers, revenue, sensitive information, and their reputation.
April 2, 2012 – Cyber Squared News
We welcome Jason Lord to our team of cyber security professionals. Jason brings industry expertise in Incident Response and Digital Forensics. He will be leading our services team in supporting our commercial clients and helping them manage their cyber security risks. Welcome, Jason!
November 23, 2011 – SYS-CON Media – “Combating Sophisticated Cyber Threats – Industry Conference Follow-up”
I was part of a panel titled “Developing Security Strategies to Successfully Combat Sophisticated Threats to your Network, while Protecting Customer Privacy” at the TM Forum conference two weeks ago. Given the topic, and the interesting conversation, I wanted to highlight some of the ideas expressed around sophisticated threats.
October 24, 2011 – SYS-CON Media – “Predicting the 2012 Campaign Compromises – To the American voter, “cyber” issues may not be the hot topic”
With the 2012 political season upon us, we have just gained a glimpse of the individual candidates and their cyber policies. It is from those cyber policies that we have also heard the candidates address China; specifically Chinese nation state cyber sanctioned or sponsored espionage. To the American voter, “cyber” issues may not be the hot topic that the economy, immigration or the presence of troops in Iraq and Afghanistan are. However, the candidates and their staffs would benefit by recognizing cyber security is not just a second tier national issue for debate, but a very real problem that they will have to deal with directly in their own campaign’s security posture.
September 13, 2011 – SYS-CON Media – “The Foundation of Internet Trust May Be Crumbling – DigiNotar Certificate Authority Breached”
Google recently reported the possibility of a Man-In-The-Middle (MITM) attack using fraudulent SSL certificates issued by DigiNotar. The attack affected people logging into Google’s popular email services from Iran, and google has responded by rejecting all the Certificate Authorities operated by DigiNotar. We now know that Google is not the only possible target of these bogus DigiNotar issued certificates. Rather DigiNotar certificate signing services, used to create a foundation of trust, had been used maliciously to create many fraudulent SSL certificates.
June 16, 2011 – The Economist – “An anonymous foe – Hackers hit big companies, the IMF and the headlines”
DEFENCE companies such as Lockheed Martin have seen some of their cyber-defences penetrated. Sony, Google, Citigroup and other firms have had sensitive customer data swiped by high-tech intruders. The IMF has been the victim of a digital attack, as has the website of America’s Senate. And a hackers’ collective, called Anonymous, has threatened to launch an online assault on the computer systems of America’s Federal Reserve unless its chairman, Ben Bernanke, agrees to step down.
June 13, 2011 – eWeek.com – “IMF Breach May Be State-Sponsored Spear Phishing Attack”
The International Monetary Fund was targeted by attackers over several months earlier this year, The New York Times reported. Many security experts are speculating the attackers may have had some support from a nation-state.
June 13, 2011 – Reuters – “Security Intelligence Company Cyber Squared Brings Sophisticated Cyber Threat Experience to Commercial Sector”
In the aftermath of cyber attacks on L-3, Lockheed Martin, and RSA, Cyber Squared Inc., a government consulting firm specializing in tracking and disrupting sophisticated threats, is offering security intelligence services to the commercial sector.
June 10, 2011 – SYS-CON Media – “Cyber Espionage – Knowing You Are a Target”
The existence of a persistent cyber-espionage threat to the military, government, and defense contractors is nothing new. While the ability of these organizations to react and remediate attacks against their networks is still often demonstrably lacking, there is now at least some level of cognizance of the threat and even an expectation of serious, repeated attacks. Awareness is obviously a vital first step on the road to solid security and attack prevention.
June 2, 2011 – SYS-CON Media – “Defense Department Contractors Targeted”
In the last week Lockheed Martin, then L-3 Communications Holdings have been in the news due to sophisticated cyber attacks on their networks by unknown actors. Now there are rumors that Northrop Grumman may have been targeted as well, since the company shut down remote access to the company’s network. Are these events linked to the attack on RSA which was reported on May 17th?