APT review of the year
Quote: What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them?

Not an easy question to answer; everybody has partial visibility and it’s never possible to really understand the motivations of some attacks or the developments behind them. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on.

On big actors

There are a few ‘traditional’ actors that are very well known to the security community and that everybody has been tracking for the last few years. It has been business as usual for these actors in 2018 or, if anything, perhaps slightly quieter than usual.

In reality, it is the doctrines and modi operandi of these groups that determine how they react in the event of their operations becoming public knowledge. Some actors will simply abort their campaign and go into clean-up mode, while others carry on as normal. In order to do so, it is common for some of these actors to simultaneously work on several sets of activity. This allows them to compartmentalize operations, and if they are discovered, they simply improve their toolset to avoid detection next time.

We traditionally find many Russian-speaking actors in this second group, and we would like to highlight the 2018 activity of Sofacy, Turla and CozyBear.

Sofacy was probably the most active of the three. Throughout the year we detected it in various operations, updating their toolset and being blamed by authorities for several past operations. We have seen the actor deploying Gamefish and an updated version of its DealersChoice framework against embassies and EU agencies. One of the most high-profile incidents was abuse of Computrace LoJack by this actor in order to deploy its malware on victim machines, in what can be considered a UEFI-type rootkit.
Full reading: https://securelist.com/apt-review-of-the-year/89117/