Displaying items by tag: North Korea

Security firm Mandiant says it has not mentioned any zero-day exploit usage by Western government agencies in a report about incidents in 2021 because it did not find any exploits which it could identify with reasonable confidence as coming from these sources.

A report accusing China of conducting attacks on India's power grid has been attributed to a cyber-security firm named Insikt Group, by the British website, The Register.

The American website ZDNet says numerous threat groups are linked to various countries and claims this is based on findings by the ICS security specialist firm Dragos.

The chief executive of an American company that specialises in the security of industrial control systems is not exactly enthusiastic about governments forcing companies to report incidents that affect such systems, given that sharing of information from the government side is limited.

The Australian National Press Club has shown that it is no longer part of the Fourth Estate, by imposing a blanket of censorship on the Russian Ambassador to Australia, Alexey Pavlovsky.

ANALYSIS A detailed security report from Microsoft somewhat predictably claims that 58% of state-sponsored network attacks in 2020-21 came from Russia.

Britain will launch cyber attacks in response to similar actions by so-called "hostile states" like Russia, the country's Defence Secretary says.

In what appears to be a first, a CIA-bankrolled threat intelligence firm has set up a "tech news" outlet to spread its wares.

Most people in the infosec industry are adamant that attribution is the most difficult part of the process, but Romanian security firm Bitdefender's Daniel Clayton is an exception. The vice-president of global services and support said this was not really the case.

Nine Entertainment is maintaining a no-official-comment policy on the breach of its Sydney network that came to light on 28 March, but the company appears to have no objection to its staff making the wildest of claims about the incident.

It should be somewhat curious to the average individual that all the coverage about the ongoing Microsoft Exchange Server attacks has focused on anything but the entity responsible for these attacks: Microsoft.

CIA-backed threat intelligence firm Recorded Future has issued a document in which it claims that a China-linked group named RedEcho is targeting the Indian power industry. That's the meaning from the headline which is very definitive.

Whenever FireEye, the cyber security firm that just had its crown jewels compromised, publishes a report on some activity by malicious attackers, it always issues a judgment on where they come from – with high confidence most of the time.

The defence industry lobby group Australian Strategic Policy Institute has issued a research paper claiming that state-backed actors are launching more and more online attacks and disinformation campaigns to interfere in foreign elections and referendums.

Microsoft president Brad Smith has called for the barrage of cyber attacks on democracies — not other countries which also face the same issue — to be called out and stopped.

After what seems like an eternity, a security company has dared to mention the unmentionable: the US does have advanced persistent threats or nation-state attack groups which are active.

The prevalence and severity of cyber attacks are increasing at an alarming rate every year, so much so, that statistics estimate that cybercrime will cost the global economy a colossal $6 trillion per year by 2021 - with Australia among the countries most targeted by significant cyber attacks, according to analysis by one software firm.

The US Central Intelligence Agency was given a sweeping authorisation to conduct covert cyber operations in 2018 by US President Donald Trump, and since then has hit Iran and other targets, a report claims.

One good thing about cyber attacks on Australia is the fact that they unearth a large number of highly talented cyber security professionals who have been hiding in the shadows. Given the dearth of talent in this sector, it is indeed a welcome development.

Israel has used just one zero-day vulnerability in attacks it has crafted during the period 2012-19, if research by the security firm FireEye's Mandiant Threat Intelligence group is to be believed.