ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC. A more recent technique the group has picked up uses trojanized open-source software, with the help of persistent social engineering, to deliver a malicious payload. This set of trojanized, open-source software implants has been dubbed ZetaNile by Microsoft and BLINDINCAN by CISA. In addition to convincing graphics, the trojanized software only activates the malicious payloads when victims enter the provided credentials. Conclusion: The ZetaNile family is the most recent of many open-source software projects trojanized by ZINC, including PuTTY, KiTTY and TightVNC Viewer.
by Emma Snell. Dylan Tokar reports for the Wall Street Journal. Ian Talley reports for the Wall Street Journal. The defendants, who have ties to the Russian security services, are all believed to be in Russian-controlled territory or Russia itself, making it unlikely that they will ever serve any sentence they receive. Scott Calvert reports for the Wall Street Journal.
2 months ago, Just Security
However, the state-sponsored cyber programs of China, Russia, Iran, and North Korea continue to pose the greatest strategic cyber threat to Canada. The Canadian Centre for Cyber Security (Cyber Centre) recently published its National Cyber Threat Assessment 2023-24 report. Cyber threat actors adapt their activities and utilize new technologies to achieve their financial, geopolitical, or ideological goals. What personal goals do you have for yourself during your tenure as Head of the Canadian Centre for Cyber Security? My presentation will cover three themes: innovation, the cyber threat landscape (especially as it relates to the tech sector), and partnership opportunities.
2 months ago, Help Net Security
According to court documents, Moinian served in the U.S. Army in the United States, Germany and South Korea from approximately 1977 through 2000. After his service, Moinian worked for various cleared defense contractors in the United States – including in San Diego – as well as the Department of Defense. Upon returning to the United States, Moinian began gathering aviation-related materials, which included transferring material from a CDC to a thumb drive. At the end of March 2018, Moinian traveled to Bali and met with these same individuals again. Moinian and his wife smuggled this cash back into the United States.
2 months ago, Homeland Security Today
DTrack backdoor malware used by North Korean groups is deployed to target organizations in Europe and US. DTrack malware now spread around in Latin America and Europe. North Korean hackers now target organizations with the new version of the malware. However, according to recent reports, the new DTrack backdoor malware is deployed more widely. The DTrack malware also gets installed when attackers breach networks using stolen credentials or exploit Internet-exposed servers. Following the common trend: The particular malware has been linked with the North Korean hacker group Lazarus for many years. Researchers note that changing the target to Europe for financial gains is pretty common with threat actors and malware distributors nowadays.
2 months ago, Security and spyware news