Windshift: Malware Recycled

A recently published deck (PDF) by Abu Dhabi-based DarkMatter’s Taha Karim draws an interesting conclusion: that an Indian cybersecurity group called Appin, active a few years ago, was either targeted by an advanced APT group (and its tools stolen), or its tools stolen by a rogue employee, or that its tools were sold to a …

Continue reading ‘Windshift: Malware Recycled’ »

Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters

My piece on what Deep Panda looks like in action:¬†Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters: Security researchers have many names for the hacking group that is one of the suspects for the cyberattack on the U.S. government’s Office of¬†Personnel Management: PinkPanther, KungFu Kittens, Group 72 and, most famously, Deep …

Continue reading ‘Hunt for Deep Panda intensifies in trenches of U.S.-China cyberwar | Reuters’ »

ASEAN Phishing Expeditions

Mila Parkour, the indefatigable phish researcher from DC, points to some recent spear-phishing attacks which to me help confirm that Southeast Asia, and ASEAN in particular, has become something of a focus for the chaps in China. They also highlight just how vulnerable diplomats in the region are because of poor security. One is a …

Continue reading ‘ASEAN Phishing Expeditions’ »