Page 17 - Threat Intelligence Brief 9-13-2019

North Korean Malicious Cyber Activity
             The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation
             (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by
             the North Korean government. The U.S. Government refers to malicious cyber activity by the North
             Korean government as HIDDEN COBRA. CISA encourages users and administrators to review the
             HIDDEN COBRA - North Korean Malicious Cyber Activity page, which contains links to Malware
             Analysis Reports MAR-10135536-21 and MAR-10135536-10, for more information.


             FBI Safe Online Surfing Challenge
             The Federal Bureau of Investigation (FBI) has launched the Safe Online Surfing (SOS) Challenge,
             encouraging educators to promote web literacy and safety for students during the 2019-20 school
             year. FBI developed the program to educate children on how to navigate the web securely using
             activities that correspond with specific grade levels. Public, private, and home schools with at least
             five students are eligible to participate in the online challenge. The Cybersecurity and Infrastructure
             Security Agency (CISA) encourages users to review the FBI SOS Challenge Announcement and the
             CISA Tip Keeping Children Safe Online.

             U.S. Cyber Command Shares 11 New Malware Samples
             U.S. Cyber Command has released 11 malware samples to the malware aggregation tool and
             repository, VirusTotal. The Cybersecurity and Infrastructure Security Agency (CISA) encourages users
             and administrators to review U.S. Cyber Command’s VirusTotal page to view the samples. CISA also
             recommends users and administrators review the CISA Tip on Protecting Against Malicious Code for
             best practices on protecting systems and networks against malware.


             Vulnerabilities and Indicators of Compromise



                    ➢ Weekly Vulnerability Summary from US-CERT
                    ➢ Talos weekly alerts
                    ➢ 1B Mobile Users Vulnerable to Ongoing ‘SimJacker’ Surveillance Attack
                    ➢ New WiryJMPer Dropper Hides Netwire RAT Payloads in Plain Sight
                    ➢ Most Android flashlight apps request an absurd number of permissions
                    ➢ COBALT DICKENS Goes Back to School…Again
                    ➢ IoT Attack Opportunities Seen in the Cybercrime Underground

             “New security loopholes are constantly popping up because of wireless networking. The cat-and-mouse game between hackers and system administrators is still in full swing.”
             Kevin Mitnick