BlackTDS Malvertisements On The Rise

Date/Time of Report – 20180319 1415
APT/Vector Name – BlackTDS
AKA Names – N/A
Purpose/Target – Cybercriminals consistently utilize Traffic Distribution Systems to determine traffic type, which will aid them in directing users to certain malicious sites and in determining what malicious payloads to execute on particular systems. [1]
Method – Spam, malvertising, distributing malware…

Cybersecurity

Criminal Hacker Organizations Offer Great Customer Service

Date/Time of Report – 2018-22-3 14:30
APT/Vector Name – Criminal Hacker Organizations, Ransomware-as-a-service (RaaS), Malware-as-a-service (MaaS)
Examples – RaaS: Cerber, Satan, Hostman, Flux, Atom; MaaS: WannaCry
Purpose/Target – Financial remuneration, intellectual challenges, vengeance against certain organizations, alleviation of boredom, and social gains
Method – Most commonly spear-phishing
Source – First seen from Russia over…

Fancy Bear Russian Cyber Attacks On the US

Date/Time of Report – 2018/03/22 14:53
APT/Vector Name – Fancy Bear
AKA Names – APT28, Pawn Storm, Sofacy Group, Sednit and STRONTIUM
Purpose/Target – The threat group is known to target government, military, and security organizations, especially Transcaucasian and NATO-aligned states. Fancy Bear is thought to be responsible for cyber-attacks on the German parliament, the…

Cyber Risk Management

NIST Releases Draft Special Publication 800-202, Quick Start Guide for Populating Mobile Test Devices

Draft Special Publication 800-202 Guide Helps Digital Forensics Investigators Place Data on Mobile Devices

NIST is releasing a guide that describes procedures for documenting and populating test data on a mobile device before testing a mobile forensic tool—the recovery and interpretation of data found on digital devices is often part of a criminal or civil…