APT33 Group Targeting Aerospace and Energy Sectors with Spear Phishing

A threat actor known as APT33 is actively targeting organizations in the aerospace and energy sectors with spear phishing campaigns. Between mid-2016 and early 2017, the suspected Iranian digital espionage group attacked a U.S. organization in the aerospace sector, a Saudi Arabian conglomerate with aviation holdings, and a South Korean company known for its business … Read More The post APT33 Group Targeting Aerospace and Energy Sectors with Spear Phishing appeared first on The State of Security.
Read more

On Bug Bounty Programs: An Interview with HackerOne’s CEO

In September 2017, I created a list of 10 essential bug bounty programs for 2017. Readers with a keen eye to detail might have noticed that nearly half of the companies included in that catalog host their vulnerability research programs, otherwise known as vulnerability disclosure programs and responsible disclosure programs, through HackerOne. A popular bug … Read More The post On Bug Bounty Programs: An Interview with HackerOne’s CEO appeared first on The State of Security.
Read more

Globe Imposter Named Second Most Prevalent Malware for August 2017

Globe Imposter earned the dubious title of second most prevalent malware for its impact on organizations worldwide in August 2017. Researchers first discovered Globe Imposter, a crypto-malware family that masquerades as Globe ransomware, in May 2017. The digital threat’s proliferation remained steady for several months. But in August 2017, the ransomware revved up its distribution … Read More The post Globe Imposter Named Second Most Prevalent Malware for August 2017 appeared first on The State of Security.
Read more

Newest Locky Variant Uses Ykcol Extension for Encrypted Files

Locky ransomware’s newest variant appends the extension “.ykcol” to every file it affects using its encryption mechanism. Stormshield malware analyst coldshell came across the new variant on 18 September. As with its previous forms, Locky relies on a malspam campaign for distribution. This operation pushes out emails with the subject line “Status of invoice” that … Read More The post Newest Locky Variant Uses Ykcol Extension for Encrypted Files appeared first on The State of Security.
Read more

Targeted Attack Uses Word Docs to Collect Info about Installed Software

A targeted attack is abusing Word documents to collect information about different types of software installed on a user’s computer. Kaspersky Lab came across the operation while investigating the Freakyshelly targeted attack. The campaign consists of spear-phishing emails laden with malicious attachments that don’t contain macros, exploits, or any other active content. Instead they contain … Read More The post Targeted Attack Uses Word Docs to Collect Info about Installed Software appeared first on The State of Security.
Read more
Page 1 of 512345