Researchers from cyber security firm ESET have uncovered a hacking group that has been active since 2011 and is stealing sensitive documents from government and private entities in Eastern Europe and the Balkans.

Dubbed XDSpy, this group appears to be a state-sponsored APT group, the researchers said. Its activities were first revealed in February 2020 when the Belarusian computer emergency response team warned government agencies in the country about a threat group that was attempting to target Belarusian ministries in order to steal secret documents.

The ESET researchers say that XDSpy activities were not limited to just attacking Belarusian ministries. Its target list also included military, diplomatic and corporate entities in Ukraine, Russia, Serbia, Moldova and others.

According to the researchers, XDSpy appears to be a previously unknown group – its malware’s code shows little similarity with other known malware families. Moreover, XDSpy’s targets are somewhat uncommon, and the group has been using a network infrastructure that does not overlap with other groups’ infrastructure.

“The malware samples are slightly obfuscated using string obfuscation and dynamic Windows API library loading. Their main functions include the monitoring of removable drives, taking screenshots and exfiltrating documents,” the researchers noted.

XDSpy operators work only five days a week – Monday to Friday – in time zones that match those of their targets.

To target a potential victim, the hackers send spear-phishing emails containing malicious attachments, such as RAR, ZIP, PowerPoint, or shortcut LNK files. Some emails also contain a link to a malicious file.

Running any of these files downloads an additional script onto the machine, which then installs the main malware component, XDDown. The malware then downloads other secondary modules (XDRecon, XDList, XDMonitor, XDUpload, XDLoc, and XDPass) to perform a variety of specialised tasks.

ESET said it also found some modules coming with time-based killswitches to ensure that they are removed from the infected machine after a specific date.

In June 2020, the researchers observed XDSpy operators using the CVE-2020-0968 vulnerability in Internet Explorer to target victims. This security bug was patched by Microsoft in April 2020, and there was very little data available in the public domain on the exploit at the time, suggesting that XDSpy operators either developed the exploit on their own or purchased it from an unnamed broker.

The exploit code bears some similarities to one used by DarkHotel, a threat group that is thought to be sponsored by the South Korean government and has previously targeted North Korean government agencies.

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Source: https://www.computing.co.uk/news/4021151/previously-unknown-xdspy-hacker-group-stealing-sensitive-government-2011

World news – GB – Previously unknown XDSpy hacker group has been stealing sensitive government data since 2011
