Tuesday, August 22, 2017

Tag: actor

IT threat evolution Q2 2017

The threat from ransomware continues to grow.

Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers.
In May, we saw the biggest ransomware epidemic in history, called WannaCry.
SonicSpy family of apps pose as benign programs.

Behind the scenes, they spy on users.
For at least three years, an unknown threat actor has used the RAT to steal data and profile organizations in North Korea.

APT Trends report Q2 2017

Since 2014, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been providing threat intelligence reports to a wide range of customers worldwide, leading to the delivery of a full and dedicated private reporting service. Prior to the new service offering, GReAT published research online for the general public in an effort to help combat the ever-increasing threat from nation-state and other advanced actors.
Today, a dangerous new trend is emerging: steganography is increasingly being used by actors creating malware and cyber-espionage tools. Most modern anti-malware solutions provide little, if any, protection from steganography, while any carrier in which a payload can be secretly carried poses a potential threat.
As the buzz over the Internet of Things (IoT) ripples across industries, companies from small startups to industry behemoths rush to launch their IoT products.

The dramatic advances in Internet infrastructure, cloud computing, connection bandwidth, and mobile devices over the years have all helped make IoT real.

Given the abundance of the ever evolving computing technologies, there are many choices of computational models and platforms for the design and implementation of an IoT product. Dating back to the 1970s, the actor model didn't gain too much attention until recently. The model revolves around a universal primitive called actor for concurrent and distributed computation.
It provides an idiomatic alternative to the more conventional concurrency model that relies on synchronization of shared mutable state using locks.
In particular, the message-driven style of non-blocking interactions via immutable messages among actors meshes well with contemporary programming approaches on complex distributed platforms.
In the beginning of 2017, Kaspersky Lab became aware of new activities by an APT actor we have been tracking for several years called Spring Dragon (also known as LotusBlossom).
Information about the new attacks arrived from a research partner in Taiwan and we decided to review the actor’s tools, techniques and activities.
The first half of 2017 began with two intriguing ransomware events, both partly enabled by wormable exploit technology dumped by a group calling themselves “The ShadowBrokers”.

These WannaCry and ExPetr ransomware events are the biggest in the sense that they spread the quickest and most effectively of known ransomware to date.
New showrunner Chris Chibnall picks the Broadchurch star to play the next Time Lord.
The righteous apes are back, for great justice.
To date, nobody has been able to find any significant code sharing between ExPetr/Petya and older malware.

Given our love for unsolved mysteries, we jumped right on it. We’d like to think of this ongoing research as an opportunity for an open invitation to the larger security community to help nail down (or disprove) the link between BlackEnergy and ExPetr/Petya.
After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have confirmed that the threat actor cannot decrypt victims’ disks, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was designed as a wiper pretending to be ransomware.