Thursday, 28 March 2019

Microsoft Hurts Charming Kitten (aka the APT35 Iran Hacking Group)


Microsoft has damaged a hacking group thought to be run by the Iranian military. APT35—also known as Charming Kitten, Ajax and Phosphorus—has now lost control of 99 internet domains it was using in spear-phishing attacks on journalists and activists.

Redmond’s finest had to ask a court to grant it control of the malicious Purr-sian domains, such as outlook-verify.net. Now it is able to prevent web users from being phished and can collect valuable intelligence on APT35’s naughty tactics.

Go back to sleep, tiny cat. In today’s SB Blogwatch, we destroy your furniture.


Read more: securityboulevard.com/2019/03/microsoft-hurts-charming-kitten-aka-the-apt35-iran-hacking-group

ASUS ShadowHammer backdoor: Was China to blame?



ASUS laptops infected by the “ShadowHammer” malware were targeted by the People’s Republic of China. At least, that’s the implication of a Kaspersky Labs’ researcher.

Mind you, Kaspersky is alleged to be rather close to a certain other state. So a pinch of salt might be indicated.

Whoever’s responsible, there are worrying implications for the future of state-sponsored cyber-ops. In this week’s Security Blogwatch, everything looks like a nail.


Read more: techbeacon.com/security/asus-shadowhammer-backdoor-was-china-blame

Tuesday, 26 March 2019

Apple Credit Card: Not So Secure, nor Private


Apple Card is here. It boasts anti-fraud security features and interesting privacy promises.

But is there much that’s new here? Probably not: People are saying it’s just a glossy sheen on top of existing technologies, and the privacy aspect ain’t all that.

What gives? In today’s SB Blogwatch, we wonder what all the fuss is about.


Read more: securityboulevard.com/2019/03/apple-credit-card-not-so-secure-nor-private