threat updates
UK
The National Cyber Security Centre’s Active Cyber Defence
report for 2019 has been published. It has revealed how the
NCSC successfully prevented a scam to defraud thousands
of UK citizens using a fake email address spoofing a UK
airport, among thwarting other cyberattacks.
Details of the criminal campaign are just one case study
of many in Active Cyber Defence – The Second Year, the
latest comprehensive analysis of the NCSC’s world-leading
programme to protect the UK from cyberattacks.
Other key findings for 2018 from the second ACD report
include, in 2018 the NCSC took down 22,133 phishing
campaigns hosted in UK delegated IP space, totalling
142,203 individual attacks; and 14,124 UK government-
related phishing sites were removed.
Visit ncsc.gov.uk/news/active-cyber-defence-report-2019
to access the full report.
GLOBAL
Kaspersky researchers have discovered that the Russian-
speaking threat actor Turla has revamped its toolset: wrapping
its famous JavaScript KopiLuwak malware in a new dropper
called Topinambour, creating two similar versions in other
languages and distributing its malware through infected
installation packs for software that circumvents Internet
censorship, among others.
Researchers believe these measures are designed to minimise
detection and precision target victims. Topinambour was spotted
in an operation against government entities at the start of 2019.
Turla is said to be a high-profile Russian-speaking threat actor
with a known interest in cyberespionage against government and
diplomatic related targets.
It has a reputation for being innovative and for its signature
KopiLuwak malware, first observed in late 2016. In 2019,
Kaspersky researchers uncovered new tools and techniques
introduced by the threat actor that increase stealth and help to
minimise detection.
24
Issue 16
|
www.intelligentciso.com