A Review of the Best News of the Week on Cyber Threats & Defense

Chinese Hackers Target Air-Gapped Military Networks (SecurityWeek, May 15 2020)
A threat actor believed to be operating out of China has been targeting physically isolated military networks in Taiwan and the Philippines, Trend Micro reports.

Attackers Routinely Use Older Vulnerabilities to Exploit Businesses, US Cyber Agency Warns (Dark Reading, May 13 2020)
Security issues in Microsoft products dominate the US government’s top 10 list of commonly exploited vulnerabilities, but Apache Struts, Adobe Flash, and Drupal are also routinely targeted.

US Government Exposes North Korean Malware (Schneier on Security, May 14 2020)
US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras


CISA releases analysis of three Hidden Cobra malware variants (SC Media, May 13 2020)
The Cybersecurity and Infrastructure Security Agency (CISA) and two other federal agencies issued malware analysis reports (MAR) for three North Korean-government operated APTs and trojans. The malware analyzed by CISA, the Department of Defense and the FBI are code-named Copperhedge, Taintedscribe and Pebbledash…

UK Supercomputing Service ARCHER Still Offline After Monday Attack (Dark Reading, May 15 2020)
Incident comes amid US warnings about Chinese cybergroups targeting organizations involved in COVID-19-related research.

Website Attacks Become Quieter & More Persistent (Dark Reading, May 12 2020)
Threat actors have pivoted from noisy attacks to intrusions where stealth and ROI are primary goals, new report says.

Advanced attack scenarios and sabotage of smart manufacturing environments (Help Net Security, May 13 2020)
Advanced hackers could leverage unconventional, new attack vectors to sabotage smart manufacturing environments, according to Trend Micro.

Lukas Stefanko: How we fought off a DDoS attack from a mobile botnet (WeLiveSecurity, May 12 2020)
Hot on the heels of his research into an attack that attempted to take down ESET’s website, Lukas Stefanko sheds more light on threats posed by mobile botnets.

Criminals boost their schemes with COVID-19 themed phishing templates (Help Net Security, May 15 2020)
Phishers are incessantly pumping out COVID-19 themed phishing campaigns and refining the malicious pages the targets are directed to.

Microsoft Open Sources Its Coronavirus Threat Data (Dark Reading, May 15 2020)
Microsoft’s COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.

Security threats associated with shadow IT (Help Net Security, May 18 2020)
As cyber threats and remote working challenges linked to COVID-19 continue to rise, IT teams are increasingly pressured to keep organizations’ security posture intact.

Police Catch Suspects Planning #COVID19 Hospital Ransomware (Infosecurity Magazine, May 18 2020)
Four arrested in Romania and Moldova.

API Attacks Increase During Lockdown (Infosecurity Magazine, May 15 2020)
Threat researchers observe API endpoints taking a hammering during health pandemic.

Transportation Agency Hacked in 2nd Texas Government Attack (SecurityWeek, May 18 2020)
Texas’ transportation agency has become the second part of the state government to be hit by a ransomware attack in recent days.