The energy sector cyber recon tool that SentinelOne found associated with “Furtim” on the dark web continues to look like the work of a state security service.
xDedic, the hacker server souk that vanished temporarily, has resurfaced on a Tor domain, Digital Shadows reports. You can sign up for $50 (we recommend you don’t).
In the ransomware world, Heimdal outlines a newly discovered cheap-and-nasty, “Stampado,” noteworthy because it doesn’t need ransomware to operate. ThreatTrack has a detailed report on Cerber (recently active against Office 365 users), and Kaspersky reiterates warnings against Satana (which the researcher primly notes writes better Russian than it does English). Trend Micro claims to be enjoying success blocking ransomware in Asia; it’s also opened up a ransomware hotline for victims. In the US, the Office of Civil Rights at the Department of Health and Human Services releases new HIPAA guidance suggestive of a punitive approach to healthcare ransomware victims.
Yesterday was Patch Tuesday, and Microsoft issued fixes for eleven bugs, six of them “critical.” One closed a printer drive-by vulnerability, another closed the door to some Office security feature bypasses. Adobe and Drupal also patched.
Signs suggest ISIS is preparing for the loss of its territory. Inspiration and online presence will wax in importance as conventional training and command wane.
Russian security officials voice concerns similar to those heard in the West: understaffing, not enough resources, constant pressure of ongoing cyber attacks. They also deplore officialdom’s stubborn reliance on Western software: more autarky equals more security.