A rookie/mentor focused track of talks, that’s all it took, something so inviting to up-and-comers from universities, governments and corporations within the computer security industry that secured BSidesLondon 2013 as a “must attend” Infosec conference for 2014 and beyond.
Hasn’t This Been Done Before?
It seems so easy, I mean there has to have been this type …
By Wes Hurd (Cyber Threat Analyst)
When we think of Advanced Persistent Threats (APT), we often associate APT intrusion vectors with spearphishing email messages that contain either a malicious attachment or link to a malicious website location. Many enterprise security teams often overlook, or fail to consider, how online profiles within social networking sites (SNS) can …
By Wes Hurd (Cyber Threat Analyst)
At Cyber Squared, we understand that many targeted, government sponsored or sanctioned attacks can be directly tied to current geopolitical events. Keeping the recent instability of the Korean Peninsula in mind, and the fact that the Chinese Communist Party has a vested interest in Korean affairs, we have kept …
In a 2011 report to Congress on Foreign Economic Collection and Industrial Espionage released by the Office of the National Counterintelligence Executive, the authors stated that “Healthcare services and medical devices/equipment will be two of the five fastest growing international investment sectors according to a US consulting firm. The massive research and development (R&D) …
By Wes Hurd (Cyber Threat Analyst)
In light of all the buzz around the “APT1” aka “Comment Group” threat that has ensued from Mandiant’s recent finding, we need to remain vigilant and remember that there are many other sophisticated threat groups that still pose a risk to global enterprises. We can’t become complacent, and overlook …
The RSA conference this year was abuzz with talk of threat intelligence and its usage in detecting and protecting against more advanced threats. There was re-branding of existing products and the entrance of new products, all of which claimed to support some type of “intelligence” capability. As I walked around it struck me …
Today Symantec reported a targeted attack that used the Mandiant APT1 report as bait for a spearphishing attack. Brandon Dixon at 9b+ followed up with the analysis of “Mandiant_APT2_Report.pdf” and identified the command and control infrastructure as itsec.eicp[.]net, reminding us that same infrastructure was also used to target OSX users in the 5 December …
In October of 1962, during the buildup to the Cuban Missile Crisis, a debate between Adlai Stevenson and Valerian Alexandrovich Zorin at the United Nations Security Council revealed how far the U.S. was willing to go to produce evidence that the Soviet Union was indeed stockpiling tactical nuclear weapons and ballistic missiles in North …
Two weeks ago the New York Times (NYT), Wall Street Journal (WSJ), Dow Jones (DJ) and Washington Post (WP) all reported being targeted and exploited by Chinese Advanced Persistent Threat (APT) groups. In most cases, the compromises had reportedly been going on for quite some time and were severe enough that the …
Rising from the Ashes: The Return of the Crew
In February, we posted “Burning Down the House for Fun and Profit.” In that opinion piece we discussed the possible pros and cons associated with the February 18, Mandiant APT1 report and corresponding digital indicator appendix on APT1, aka “Comment Crew”.
It has been approximately two months since the public disclosure that …
April 24, 2013 Tags: "Comment Crew", APT1, NDIA MODSIM
Category: APT, Cyber Espionage, Threat Analysis