This report provides a summary of OverWatch’s findings from intrusion hunting during the first half (January through June) of 2018. It reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified. OverWatch specifically hunts for targeted adversaries. Therefore, this report’s findings cover state-sponsored and targeted eCrime intrusion activity, not all forms of attacks.

Long gone are the simple days of malware threats only being associated with the computers on our desks or at our business offices. Today, we’ve all become accustomed to malware infiltrating our homes and pockets across a variety of platforms, be that our telephones, tablets, smart TV or even ‘connected’ devices such as our fridges. Whilst malware can be tailored for different platforms and differ in their abilities or functionality, the overall taxonomy remains very much the same. Back in the ‘halcyon’ days many malware authors released their wares for fun, ‘lulz’ in modern parlance, today most are criminally motivated and driven by financial gain, ideology, revenge and nation state doctrine. The objective of these attacks, and the compromised devices or networks, are typically similar and result in the threat actor gaining access, leading to the theft of confidential and personal information, or disrupting the operations and functionality.

This report takes a look at the “Key Reinstallation Attack” VULN that works against all modern protected Wi-Fi- networks.

This paper provides information on Bad Rabbit a new ransomware roving the internet.

This report offers information related to an ATM Jackpotting kit for sale on darknet.

This paper offers insight into QR code usage and user interest and suggests that organizations should take time to consider and familiarize themselves with the potential security ramifications.

In light of the new development of Crypto Currency, this paper can begin to address important questions about the outlook for digital currencies, including: If individuals lose trust in alternative coins and no longer see them as profitable, then what does this mean for the future of cryptocurrencies? How will the cryptocurrency landscape change in 2018? And will cryptocurrency fraud ultimately obstruct the rapid growth of digital currencies worldwide?

To lure unsuspecting consumers to fake websites to purchase counterfeit goods, cybercriminals abuse the Domain Name System (DNS) – every day, every hour, every minute. In this report, “Luxury Brands, Cheap Domains: Why Retailers Are Losing The Fight Against Online Counterfeiting,” cybersecurity firms Farsight Security and DomainTools, the leaders in DNS intelligence, took a close look at four international luxury brand domains and learned that the potential abuse of their brand, by counterfeiting and other malicious activities, is significant.

This report offers a helpful look at Mobile Banking Trojans.

The purpose of this document is to briefly describe the features of Necurs malware. During the analysis, we have been able to identify the different “features” and “capabilities” of the Necurs malware.

Guided by Threat Compass, the Blueliv’s Annual Cyberthreat Landscape Report takes a birds-eye view of the major events and trends of last year. The Threat Intelligence analysts at Blueliv then offer their insight into an ever-more sophisticated cybercrime industry for 2018.

From the report, “While the developers of this Guide strongly support the important role that governments play in convening a diverse ecosystem, the imposition of prescriptive, compliance-focused regulatory requirements will inhibit the security innovation that is key to staying ahead of today’s sophisticated threats. Moreover, earlier policy efforts were based on utopian solutions to these threats, premised on the notions that internet service providers (ISPs) can simply shut down all botnets, or that manufacturers can make all devices universally secure. Instead, dynamic, flexible solutions that are informed by voluntary consensus standards, driven by market demands, and implemented by stakeholders throughout the global digital economy, are the better answer to these evolving systemic challenges.”

From the report, “Our survey examined the most common malware threats that organizations are grappling with, how often those threats result in actual compromises, and the challenges involved in responding to them. Respondents included CIOs, CTOs, CSOs, IT directors, network administrators, and senior executives from organizations in more than 20 industries.”

“Threat intelligence has become a significant weapon in the fight against cybersecurity threats, and a large majority of organizations have made it a key part of their security programs. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats. The most common benefits of threat intelligence platforms include better threat analysis, faster detection and response, more efficient security operations, and better visibility into threats.”

“Despite the massive impact the WannaCry ransomware attack had on businesses across the globe and the immediate changes to security practices following it, a year later businesses still have a reactive approach and struggle to implement comprehensive security policies that target employees and management. With cyber threats evolving so rapidly, businesses need to learn how to be quick on their toes and expedite the development and enforcement of cyber security policies to better prevent future breaches.”

“Almost immediately following the WannaCry cyberattack, the NotPetya malware affected countries and organisations around the globe that had strikingly similar repercussions and lessons to take away. This attack exemplified the chronic failings organisations and nation-states continue to have despite the blatant and ongoing threats cyberspace poses. With cyber threats remaining a critical issue for organisations, there is still a great deal organisations need to do to mitigate these for future resilience.”

This report offers insight into the Cyber security landscape of The People’s Republic of Korea.

“Organizations in the healthcare industry have been in the news a number of times in recent years as a result of significant cyber attacks. In 2017, WannaCry made global headlines as its impact to the UK’s National Health Service (NHS) became known. Other attacks have seen health records stolen or ransoms paid to keep critical systems online at hospitals. Understanding the nature of the threats to the healthcare industry helps define effective ways to counter these threats and help to prevent them from making future headlines.”

This report offers insight into the cyber security profile of the United States Of America.

From the report, “The cyber attacks targeting political elections is in full swing as the 115th United States midterm elections grow closer. The exploitation of vulnerabilities and direct cyber attacks targeting election-related entities are somewhat expected; however, a different form of cyber attack has the potential to have a disruptive impact to the elections: disinformation campaigns. The use of disinformation tactics in today’s social media-obsessed society is the most prominent threat to the democratic process. This form of attack is at a significant and troublesome level that the average voter may not be fully aware of.” Read on to learn more.

This report offers a view of The Republic of South Africa. And takes a look at the Threat Landscape of that nation.