Blog Elements

Half Sized Blog Element (Single Author Style)

Half Sized Blog Element (Multi Author Style)

‘NetTraveler’ Cyberespionage Campaign Uncovered

2013-06-05/0 Comments/in Vulnerability Assessment/by fdesir

An intrstuing article from Dark Reading: A less sophisticated but long-running cyberspying program out of China aimed at high-profile targets in government, embassies, oil and gas, military contractors, activists, and universities has infected hundreds of targets across 40 nations. The so-called NetTraveler campaign revealed today by Kaspersky Lab comes from a midsize APT group out […]

Are Businesses Knowingly Infecting Their Web Visitors?

2013-06-05/0 Comments/in Vulnerability & Threat Report/by fdesir

A posting from Dark reading in there Vulnerability and Threat section: As cybercriminals have shifted their techniques to get the most efficiency out of their attack campaigns, some of their favorite methods involve two-pronged attacks to first compromise legitimate Web servers and then use them to, in turn, infect unsuspecting visitors to seemingly innocuous sites. While much […]

‘NetTraveler’ Cyberespionage Campaign Uncovered

2013-06-05/0 Comments/in Vulnerability Assessment/by fdesir

Are Businesses Knowingly Infecting Their Web Visitors?

2013-06-05/0 Comments/in Vulnerability & Threat Report/by fdesir

Full Sized Blog Element (Big Preview Pic)

‘NetTraveler’ Cyberespionage Campaign Uncovered

2013-06-05/0 Comments/in Vulnerability Assessment/by fdesir

An intrstuing article from Dark Reading:

A less sophisticated but long-running cyberspying program out of China aimed at high-profile targets in government, embassies, oil and gas, military contractors, activists, and universities has infected hundreds of targets across 40 nations.

The so-called NetTraveler campaign revealed today by Kaspersky Lab comes from a midsize APT group out of China that has some 50 members and who also have used other malware including Zegost (from Gh0stNet), Saker, and other APT-related tools. That doesn’t mean the same group is behind Gh0stNet or other campaigns, however: “The groups and their activities are large, complex and in many ways separate, and we are simply saying that there are inter-relations in the dataset,” said Kurt Baumgartner, senior security researcher for the Americas on the Global Research and Analysis Team at Kaspersky Lab, in an email interview. “This group’s connections with a handful of other groups is both operational and shares infrastructure.”

To read more click here:

Are Businesses Knowingly Infecting Their Web Visitors?

2013-06-05/0 Comments/in Vulnerability & Threat Report/by fdesir

A posting from Dark reading in there Vulnerability and Threat section:

As cybercriminals have shifted their techniques to get the most efficiency out of their attack campaigns, some of their favorite methods involve two-pronged attacks to first compromise legitimate Web servers and then use them to, in turn, infect unsuspecting visitors to seemingly innocuous sites. While much of this illicit malicious activity occurs behind the backs of these organizations, there are increasing number of businesses that upon being informed that their IPs are engaging in bad behavior stall indefinitely or wait months to remediate the situation.

Whether it is willful denial, a lack of preparation to respond quickly to news of this kind of infection, or simply a lack of resources to be able to properly clean up their online messes, the net effect is that businesses are complicit in spreading malware online, says Srinivas Kumar, CTO of TaaSERA. As he puts it, it is the height of hypocrisy considering how much proselytizing that so many organizations have done in the past to users about how users endanger end-to-end trust in online transactions by using infected devices. Now it is the businesses themselves that are infecting the unknowing users.

To read more click here: