CyberSecurity Pulse 2016-10-20

“Whoever is careless with the truth in small matters cannot be trusted with important matters.”
Albert Einstein

Analyst Insight

Senior Turkish Government Officials Affected by Advanced Malware

After a 100 GB leak of emails from the AKP Party of Turkey, many security experts agreed that they contained malware. However, what is not commonly known is that this political party has been the target of massive malicious email campaigns using specially crafted attachments. Many aspects of these attacks are still unknown, as ElevenPaths states in a recent report in which the malware samples and their malicious content have been analyzed. Analysis of all the malicious attachments, which were designed to maximize the success rate of the infection, identified several high-profile senior Turkish government officials as targets, including Bekir Bozdağ (Ministry of Justice), Ömer Çelik (Minister of European Union Affairs), Nurettin Canikli (Deputy Prime Minister of Turkey) and Hüseyin Çelik (Minister of National Education).

Traditional security solutions are not enough to tackle very fresh samples that could be related to targeted attacks, since such samples are unlikely to be found on blacklists. However, defense technology against advanced malware can be the solution to threats that have a significant probability of being deployed against all kinds of entities, both corporate and governmental.

» More information at ElevenPaths

Top Stories

Google Updates Its Stats about Governmental Requests

Google has just updated its transparency report on government requests for users’ data. Globally, the company received 44,943 government requests for information regarding 76,713 different accounts during the first half of 2016. Google has confirmed that it provided user information in response to 64% of those requests, a number which remains unchanged from the previous reporting period. The company has also pointed out in this version of the report that this is the first period in which it has received requests from several countries, such as Algeria, Belarus, Cayman Islands, El Salvador, Fiji, or Saudi Arabia.

» More information at Google

WikiLeaks Confirms Ecuador Cut Julian Assange’s Internet Access After Clinton Leak

Early Monday, whistleblowing site WikiLeaks tweeted that the internet connection of its co-founder, Julian Assange, had been intentionally cut, for which it blamed an unidentified state party. WikiLeaks has since confirmed that Assange’s Internet access at the London embassy was cut by the government of Ecuador on Saturday. Assange has been living in Ecuador’s London embassy since June 2012, when he was granted asylum by the Ecuadorian government after a British court ordered his extradition to Sweden to face questioning on a rape allegation.

» More information at The Hacker News

Rest of the Week's News

Ethereum Network Is Strengthened Against DDoS Attacks with Its First Hard-fork

The first of two hard-forks scheduled to run on the Ethereum network was held last October 20. The objectives of this first fork are to modify transaction costs and the execution of smart contracts in order to provide further protection against denial-of-service (DDoS) attacks such as the ones the network has received since September.

» More information at Ethereum Blog

An Interesting Technique To Exfiltrate Data From Magento Platforms

Cybercriminals have been using image files to store and exfiltrate payment card data stolen from the target website. This latest wave of attacks targeted over 100 online shops running on the Magento, Powerfront CMS and OpenCart e-commerce platforms.

» More information at Website Security News

The New TrickBot Banking Trojan Seems To Have Been Developed by Dyre Authors

In November 2015, Dyre activity ceased. But now security experts at Fidelis Cybersecurity believe that the evolution of the TrickBot malware has a strong connection to the Dyre banking trojan. The code of the new banking trojan seems to have been rewritten in a different coding style while maintaining many of the same functionalities.

» More information at Threat Geek

Further Reading

Cybercriminals Hit National Republican Senatorial Committee in USA

» More information at Krebs on Security

Donald Trump’s Email Servers Are Very Insecure

» More information at The Register

CryPy Ransomware Uses a Unique Key for Each Encrypted File

» More information at Security Affairs