|
Advanced Persistent Threat 34
Helix Kitten (also known as APT34 by FireEye, OILRIG, Crambus, Cobalt Gypsy, Hazel Sandstorm, or EUROPIUM) is a hacker group identified by CrowdStrike as Iranian. History The group has reportedly been active since at least 2014. It has targeted many of the same organizations as Advanced Persistent Threat 33, according to John Hultquist. In April 2019, APT34's cyber-espionage tools' source code was leaked through Telegram. Targets The group has reportedly targeted organizations in the financial, energy, telecommunications, and chemical industries, as well as critical infrastructure systems. Techniques APT34 reportedly uses Microsoft Excel macros, PowerShell-based exploits and social engineering Social engineering may refer to: * Social engineering (political science), a means of influencing particular attitudes and social behaviors on a large scale * Social engineering (security), obtaining confidential information by manipulating and/or ... to gain access to its targets. Re ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Persistent Threat
An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals. Such threat actors' motivations are typically political or economic. Every major business sector has recorded instances of cyberattacks by advanced actors with specific goals, whether to steal, spy, or disrupt. These targeted sectors include government, defense, financial services, legal services, industrial, telecoms, consumer goods and many more. Some groups utilize traditional espionage vectors, including social engineering, human intelligence and infiltration to gain access to a physical location to enable network attacks. The purpose of these attacks is to install custom malware (malicious software). The median "dwell-tim ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Wired (magazine)
''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online magazine, online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Francisco, California, and has been in publication since March/April 1993. Several spin-offs have been launched, including ''Wired UK'', ''Wired Italia'', ''Wired Japan'', and ''Wired Germany''. From its beginning, the strongest influence on the magazine's editorial outlook came from founding editor and publisher Louis Rossetto. With founding creative director John Plunkett, Rossetto in 1991 assembled a 12-page prototype, nearly all of whose ideas were realized in the magazine's first several issues. In its earliest colophon (publishing), colophons, ''Wired'' credited Canadian media theorist Marshall McLuhan as its "patron saint". ''Wired'' went on to chronicle the evolution of digital technology and its impact on society. ' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
PowerShell
PowerShell is a task automation and configuration management program from Microsoft, consisting of a command-line shell and the associated scripting language. Initially a Windows component only, known as Windows PowerShell, it was made open-source and cross-platform on 18 August 2016 with the introduction of PowerShell Core. The former is built on the .NET Framework, the latter on .NET Core. In PowerShell, administrative tasks are generally performed via ''cmdlets'' (pronounced ''command-lets''), which are specialized .NET classes implementing a particular operation. These work by accessing data in different data stores, like the file system or Windows Registry, which are made available to PowerShell via ''providers''. Third-party developers can add cmdlets and providers to PowerShell. Cmdlets may be used by scripts, which may in turn be packaged into modules. Cmdlets work in tandem with the .NET API. PowerShell's support for .NET Remoting, WS-Management, CIM, and SSH enabl ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Macro (computer Science)
In computer programming, a macro (short for "macro instruction"; ) is a rule or pattern that specifies how a certain input should be mapped to a replacement output. Applying a macro to an input is known as macro expansion. The input and output may be a sequence of lexical tokens or characters, or a syntax tree. Character macros are supported in software applications to make it easy to invoke common command sequences. Token and tree macros are supported in some programming languages to enable code reuse or to extend the language, sometimes for domain-specific languages. Macros are used to make a sequence of computing instructions available to the programmer as a single program statement, making the programming task less tedious and less error-prone. (Thus, they are called "macros" because a "big" block of code can be expanded from a "small" sequence of characters.) Macros often allow positional or keyword parameters that dictate what the conditional assembler program ge ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Microsoft Excel
Microsoft Excel is a spreadsheet developed by Microsoft for Windows, macOS, Android and iOS. It features calculation or computation capabilities, graphing tools, pivot tables, and a macro programming language called Visual Basic for Applications (VBA). Excel forms part of the Microsoft Office suite of software. Features Basic operation Microsoft Excel has the basic features of all spreadsheets, using a grid of ''cells'' arranged in numbered ''rows'' and letter-named ''columns'' to organize data manipulations like arithmetic operations. It has a battery of supplied functions to answer statistical, engineering, and financial needs. In addition, it can display data as line graphs, histograms and charts, and with a very limited three-dimensional graphical display. It allows sectioning of data to view its dependencies on various factors for different perspectives (using '' pivot tables'' and the ''scenario manager''). A PivotTable is a tool for data analysis. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Critical Infrastructure
Critical infrastructure (or critical national infrastructure (CNI) in the UK) is a term used by governments to describe assets that are essential for the functioning of a society and economy – the infrastructure. Most commonly associated with the term are facilities for: * Shelter; Heating (e.g. natural gas, fuel oil, district heating); * Agriculture, food production and distribution; * Education, skills development and technology transfer / basic subsistence and unemployment rate statistics; * Water supply (drinking water, waste water/sewage, stemming of surface water (e.g. dikes and sluices)); * Public health (hospitals, ambulances); * Transportation systems (fuel supply, railway network, airports, harbours, inland shipping); * Security services (police, military). * Electricity generation, transmission and distribution; (e.g. natural gas, fuel oil, coal, nuclear power) ** Renewable energy, which are naturally replenished on a human timescale, such as sunlight, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
ZDNet
ZDNET is a business technology news website owned and operated by Red Ventures. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication. History Beginnings: 1991 to 1995 ZDNET began as a subscription-based digital service called "ZiffNet" that offered computing information to users of CompuServe. It featured computer industry forums, events, features and searchable archives. Initially, ZiffNet was intended to serve as a common place to find content from all Ziff-Davis print publications. As such, ZiffNet was an expansion on an earlier online service called PCMagNet for readers of PC Magazine. Launched in 1988, PCMagNet in turn was the evolution of Ziff Davis' first electronic publishing venture, a bulletin board, which launched in 1985. On June 20, 1995, Ziff-Davis announced the consolidation of its online information services under a single name, ''ZD Net''. The servi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Telegram (software)
Telegram Messenger is a globally accessible freemium, cross-platform, encrypted, cloud-based and centralized instant messaging (IM) service. The application also provides optional end-to-end encrypted chats, popularly known as secret chat and video calling, VoIP, file sharing and several other features. It was launched for iOS on 14 August 2013 and Android on 20 October 2013. The servers of Telegram are distributed worldwide with five data centers in different parts of the world, while the operational center is based in Dubai, United Arab Emirates. Various client apps are available for desktop and mobile platforms including official apps for Android, iOS, Windows, macOS, and Linux (although registration requires an iOS or Android device and a working phone number). There are also two official Telegram web twin apps, WebK and WebZ, and numerous unofficial clients that make use of Telegram's protocol. Telegram's official components are open source, with the exception of t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Advanced Persistent Threat 33
Advanced Persistent Threat 33 (APT33) is a hacker group identified by FireEye as being supported by the government of Iran. The group has also been called Refined Kitten (by Crowdstrike), Magnallium (by Dragos), and Holmium (by Microsoft). History FireEye believes that the group was formed no later than 2013. Targets APT33 has reportedly targeted aerospace, defense and petrochemical industry targets in the United States, South Korea, and Saudi Arabia. Modus operandi APT33 reportedly uses a dropper program designated DropShot, which can deploy a wiper called ShapeShift, or install a backdoor called TurnedUp. The group is reported to use the ALFASHELL tool to send spear-phishing emails loaded with malicious HTML Application files to its targets. APT33 registered domains impersonating many commercial entities, including Boeing, Alsalam Aircraft Company, Northrop Grumman and Vinnell. Identification FireEye and Kaspersky Lab noted similarities between the ShapeShift and Shamoon, an ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CrowdStrike
CrowdStrike Holdings, Inc. is an American cybersecurity technology company based in Austin, Texas. It provides cloud workload and endpoint security, threat intelligence, and cyberattack response services. The company has been involved in investigations of several high-profile cyberattacks, including the 2014 Sony Pictures hack, the 2015–16 cyber attacks on the Democratic National Committee (DNC), and the 2016 email leak involving the DNC. History CrowdStrike was co-founded by George Kurtz (CEO), Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, retired) in 2011. In 2012, Shawn Henry, a former Federal Bureau of Investigation (FBI) official, was hired to lead the subsidiary CrowdStrike Services, Inc., which focused on proactive and incident response services. In June 2013, the company launched its first product, CrowdStrike Falcon, which provided endpoint protection, threat intelligence and attribution. In May 2014, CrowdStrike's reports assisted the United States ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Cyberespionage
Cyber spying, or cyber espionage, is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information from individuals, competitors, rivals, groups, governments and enemies for personal, economic, political or military advantage using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers. Details Cyber spying typically involves the use of such access to secrets and classified information or control of individual computers or whole networks for a strategic advantage and for psychological, political and physical subvers ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FireEye
Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company founded in 2022. It has been involved in the detection and prevention of major cyber attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks. In March 2021, Symphony Technology Group (STG) announced its acquisition of McAfee Enterprise in an all-cash transaction for $4.0 billion. STG completed the acquisition of McAfee’s Enterprise business in July 2021 with plans for re-branding. In June 2021, FireEye sold its name and products business to STG for $1.2 billion. STG combined FireEye with its acquisition of McAfee's enterprise business to launch Trellix, an extended detection and response (XDR) company. Meanwhile, McAfee Enterprise's security service edge (SSE) business would operate as a separate company to be known as Skyhigh Security. History FireEye was founded in 2004 by Ashar ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
