Security: Mac Malware, Spectre and Meltdown, Open Source Security Podcast, Kodi FUD and Sofacy

  • Steep rise in malware threats to Mac: report

    Malware targeting Mac operating systems more than doubled from 2016 to 2017, according to a new report which reveals that in 2017 alone, Mac threats increased more than 270%.

  • Are Spectre and Meltdown just hype? [Ed: No!]

    Often, it’s the dramatic things that get our attention and what we see as a risk. We’re more scared of flying than of driving, and terrified of snakes and spiders when we’re more at risk from the common cold. So, do our fears lie in the right place?

    There has been much hype around the Spectre and Meltdown vulnerabilities that emerged in January, a huge impact in the world of software vulnerabilities. While some of this is justified by the fact that those vulnerabilities affected a majority of all processors in the market, the reality is that this was just another vulnerability on top of all the others in the market, which security professionals need to assess and manage every day.

  • Open Source Security Podcast: Episode 87 – Chat with Let’s Encrypt co-founder Josh Aas
  • McAfee Security Experts Weigh-in Weirdly With “Fresh Kodi Warning”

    Something is not right in Tabloid Land. An article published this week in The Express cites experts from McAfee talking about a “fresh Kodi warning” that “might stop you streaming illegally FOREVER.” Not only is no new threat even touched upon in the piece, but one of the McAfee experts thinks that Kodi “is a streaming site”.

  • Security firm says Sofacy is starting to target organizations in Middle East, Central Asia

    Kaspersky Lab researchers say that a hacking group widely believed to be linked to the Russian government has been executing cyberattacks against a new set of targets in the Far East, including military, defense and diplomatic organizations, according to a new report.

  • Masha and these Bears

    Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a prolific, well resourced, and persistent adversary. They are sometimes portrayed as wild and reckless, but as seen under our visibility, the group can be pragmatic, measured, and agile. Our previous post on their 2017 activity stepped away from the previously covered headline buzz presenting their association with previously known political hacks and interest in Europe and the US, and examines their under-reported ongoing activity in Middle East, Central Asia, and now a shift in targeting further east, including China, along with an overlap surprise. There is much understated activity that can be clustered within this set and overlap in APT activity. Here, we examine current deployment, code, cryptography, and targeting.
