Switzerland’s Defense Ministry reports cyber industrial espionage in January by unnamed parties.
ISIS seeks to impose a news blackout on Mosul as Iraq’s army closes in. Caliphates establish legitimacy through success only—adversity is no sign of divine favor.
Anonymous proceeds with OpIcarus, DDoSing the Central Bank of Cyprus, which suggests that the global campaign to punish the financial sector so far speaks mostly Greek. (And Turkish. And English…)
Palo Alto Networks publishes its research on Infy, a highly targeted attack campaign that’s also being called the Prince of Persia, in recognition of its Iranian provenance. Palo Alto thinks Infy has been quietly active for about a decade, spread by spearphishing. Its targets include foreign governments and companies, as well as a small number of Iranian nationals.
On the ransomware front, Cylance describes the AlphaLocker family. Petya’s nasty one-two punch gets a look from Securelist, SANS ISC discusses Cerber’s distribution by Neutrino, and Heimdal reports an unusually repellent extortion come-on: “Charity Team” promises to donate your ransom to help children. The Dridex botnet, increasingly used to serve ransomware, is going through a rough patch: some white, gray, or black hat is mucking with the attack traffic, substituting a dummy file for the intended Locky payload.
Lest we forget DDoS, researchers note its continuing use for both business interruption and misdirection. Attacks need not be big to succeed.
Hold Security finds a Russian script kiddie willing to sell 272 million hacked passwords for one dollar, plus some social media love.