METHOD – RANCOR Malware: Southeast Asia

A new malware campaign was observed this month, which appears to be politically driven and targets organizations operating in Southeast Asia. The malware was dubbed “RANCOR” by Palo Alto researchers and falls under the Trojan malware classification. Additionally, the malware appears to make use of code from two malware families: DDKONG and PLAINTEE. The malware […]

TARGET: Dixons Carphone Breach exposes 1.2 million customers' data

On June 13th, the popular U.K.-based electronics and telecom retailer Dixons Carphone disclosed that it had recently discovered that it was breached in 2017, which may have compromised almost 6 million payment cards and 1.2 million personal data records. The company disclosed that there had been unauthorized access to sensitive data starting in July […]

Target: Exactis Data Leak – 340 Million Records Exposed

Published June 28, 2018, the database leak of Florida-based marketing and data aggregation firm Exactis has been disclosed to the public. Exactis focuses on the mass collection and trading of data in order to provide highly accurate and targeted advertisements to its audience. This is considered to be one of the biggest breaches of all […]

Method – MirageFox Malware

On June 18th, malware researcher Jay Rosenberg released some interesting findings on a binary that was analyzed by the company Intezer. The code was retrieved through VirusTotal hunting. VirusTotal is a tool used by the global cybersecurity community that allows users to upload suspicious executables to an engine to check if antivirus vendors detect anything […]

Actor – APT 15 / Vixen Panda

A suspected state-sponsored Chinese threat actor known as APT 15 (FireEye) or Vixen Panda (CrowdStrike), whose activity is documented as Operation Ke3chang (FireEye and Palo Alto), has recently resurfaced in conversations. The activity of this group is suspected to have started as early as 2009. The first major public release of information on this […]

Target – FAPD Phishing HIPAA Breach

On June 1st, the Florida Agency for Persons with Disabilities (FAPD) disclosed that a phishing attack had compromised a single email account. The email account contained information that had PHI of over 1,951 customers and/or guardians. Although no evidence was gathered that indicated the information was accessed, FAPD could not completely rule out that it […]

Method: Hidden Cobra TYPEFRAME Malware Activity

On June 14th, US-CERT released a Malware Analysis Report (AR18-165A) that details a set of malware, code-named TYPEFRAME, with the earliest observed sample dating back to 2015. This malware appears to have been leveraged by North Korea’s threat actor HIDDEN COBRA (aka Lazarus). The Trojan has the capability to download and install malware, proxies and […]

Vulnerability: Zero-Day Flash Flaw

June 7, 2018 – Security firm Qihoo 360 identified a brand new zero-day flaw in Adobe Flash that could leave users vulnerable to executing malicious software without permission. Attackers have been able to gain access to victims' devices by sending emails that contain exploited Flash content that has been disguised as a Microsoft Office document. […]

Vulnerability: Google Chrome Browser – CVE-2018-6148: Incorrect handling of CSP header

On May 23rd, a security researcher reported a vulnerability in the Chrome Desktop Browser (versions prior to 67.0.3396.79) that allows for the mishandling of the Content Security Policy (CSP) header. The CSP header allows website developers to implement a second layer of security on their websites to prevent possible malicious activity. The vulnerability bypasses the SECURITY_CHECK in […]

TARGET: Two Major Canadian Banks Breached

Two Canadian banks claim to have been breached by attackers this week. Simplii Financial, which is owned by CIBC, has claimed that it may have lost personal and account information for over 40,000 bank customers. The Bank of Montreal then followed this news by claiming that they too had been breached and lost up to […]

TARGET: Nuance Communications – Lost Revenue and PHI

Nuance Communications, a healthcare software company which specializes in speech and imaging, has had a run of bad luck with external and internal incidents in 2017. Last year NotPetya malware cost the company $92 million in revenue, mainly from the disruption of transcription services and systems used by healthcare customers. Nuance quickly attempted to restore […]

TARGET: Coca-Cola Data Breach

Things are starting to fizz up! Back in September 2017, a disgruntled former employee of the soda pop conglomerate, Coca-Cola, managed to walk out the door of their global headquarters with an external hard drive containing over 8,000 confidential employee records. Although they would not disclose the specifics of the information stolen, the company did […]