In a previous article I explained what an APT looked like. Most organisations I talk to believe they are not likely to be a target of an APT, the logic being that they have nothing of interest that a foreign government would need. It is true certain organisations are more likely to be targeted by a foreign government, other government organisations for example, organisations that make up part of the critical national infrastructure, that would include most banks, oil and energy companies, broadcasters or power generating organisations, however... 

One of the big themes of InfoSec 2013 was APT’s. A number of talks specifically targeted (excuse the pun) this topic. The perception is that APT’s are state sponsored attacks, this perception is driven by the cost and resources required to implement this type of attack. The reality is however that if you have digital assets that are worth going after, you are at risk of this type of attacks. For those not in the specific anti-malware/anti-virus industry the definition of an Advanced Persistent Threat is not entirely clear. From... 

An ill wind is blowing. It use to be that we needed to be afraid of the script kiddies trying to penetrate our networks, then we needed to worry about the organised hackers, teaching each other their latest exploits, such as Cult of the Dead Cow, Anonymous or Lulz, but now we have sailed in to dangerous waters. Over the last few months we are seeing a lot more state sponsored activity. First it was Stuxnet, then Duqu and now the latest FLAME! Kaspersky Lab has discovered a new Worm/Trojan that they have code named Flame, and named within their Anti-Virus... 

Come July 9th this year 350,000 unsuspecting victims of the DNS Changer Malware will lose their ability to find websites on the internet. Unbeknown to the victims they were infected by the Malware which set about making significant changes to their systems. Changes included disabling Anti-Virus updates to stop the Malware from being detected, but more importantly the Malware changed Domain Name server settings. This meant that when a user submitted a request in their browser address line, to go to say, “Google.com” the request would be submitted... 

Russian hacker Petr Murmylyuk, also known as Dmitry Tokar was charged with conspiracy to commit wire fraud, unauthorized access to computers, and securities fraud. Murmylyuk is accused of being part of a ring that gained access to brokerage accounts from ETrade, Schweb, Scottrade and a number of other online brokerage firms. The ring, once they had access to the accounts would change the account contact details to email addresses and telephone numbers that routed to the hackers. Rather than change the bank details of the accounts, which would have...