We're happy to add a new benefit this week, available to those who support the CyberWire as Producer's Circle Patrons: exclusive access to our new Quarterly Report. If you'd like to see a sample of the Quarterly Report (redacted, of course, because only the Patrons' have access, and anything else would be dilutive), this is it. And thanks again to all of our Patrons.
International operation takes down Hansa Market. Banking malware in circulation. Recovery from WannaCry and NotPetya continues (with difficulty). WikiLeaks regular dump.
Companies continue their recovery from both WannaCry and (especially) NotPetya. The latter attack in particular has had a long-term effect on operations and a material effect on revenue. Concerns about the EternalBlue exploits involved in the attacks appear to have motivated closer attention to patching.
A resurgence of Android banking Trojans is being reported by Dr. Web and other security firms. Google is now offering Android users of Google Mobile Services 11 (and more recent versions) Play Protect, which is intended to enable them to screen potentially harmful apps.
Banking threats are of course not confined to Android. Kaspersky Lab reports its discovery of NukeBot, a ready-to-attack version of TinyNuke. The malware infects banks' sites with a view to stealing credentials.
Trend Micro warns against a current malvertising campaign it's calling "ProMediads." It's distributing the Sundown-Pirate exploit kit, which is a mashup of ransomware and an information stealer. (It may be related to the GreenFlash exploit.) And the United Arab Emirates brace for GreenBug malware's expected return.
International law enforcement enjoyed a big win yesterday, as a joint operation by the Dutch National Police, Europol, and the US FBI and DEA took down Hansa Market, the contraband market that succeeded recently dismantled Alpha Bay as the dark web's leading source of illicit drugs, weapons, and crimeware. The Dutch Police took covert control of the site over a week ago. Servers were seized and arrests made in Germany, Lithuania, and the Netherlands. Bravo Bitdefender for supplying information vital to the operation.
Today's issue includes events affecting Australia, Canada, China, European Union, France, Germany, India, Italy, Japan, Lithuania, Mexico, Netherlands, Norway, Philippines, Russia, Singapore, Syria, Taiwan, Ukraine, United Arab Emirates, United Kingdom, and United States.
Artificial intelligence is key to making sense of big data and scaling security data analytics. The “spray and pray” shotgun approach is too expensive and too imprecise to combat advanced attacks. So how do you harness the power of AI to increase precision and to proactively stay ahead of advanced attacks? How do you evaluate threat hunting tools? Join an online fireside chat with guests Josh Zelonis and Stephen Pieraldi to get the answers.