Breaking News

Samsung Brings the Ultimate Gaming Experience to 2021 Neo QLED and QLEDs GIGABYTE AORUS Gen4 7000s SSD- The Fastest PCIe 4.0 NVMe SSD TerraMaster Releases All-New TOS 4.2 Samsung Announces S21 series with new Galaxy Buds Pro Sony Launches Newest Addition to G Master Full-Frame Lens Series with the Indispensable FE 35mm F1.4 GM

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Pentagon, DHS And FBI Issued New Malware Warning For Windows Users

Pentagon, DHS And FBI Issued New Malware Warning For Windows Users

Enterprise & IT Feb 15,2020 0

Multiple U.S. government agencies have warned of a newly cybesecurity threat from North Korea.

According to the U.S. government, the warning “is the result of analytic efforts between the U.S. Department of Homeland Security, the U.S. Department of Defense, and the FBI to provide technical details on the tools and infrastructure used by cyber actors of the North Korean government.”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

The U.S. government issued six new Malware Analysis Reports (MARs) and one updated MAR related to malicious cyber activity from North Korea. Each MAR is designed to enable network defenders to identify and reduce exposure to North Korean government malicious cyber activity. CISA encourages users and administrators to review these MARs for each malware variant listed below.

  • February 14, 2020: Malware Analysis Report (10265965-1.v1) – North Korean Trojan: BISTROMATH
  • February 14, 2020: Malware Analysis Report (10265965-2.v1) – North Korean Trojan: SLICKSHOES
  • February 14, 2020: Malware Analysis Report (10265965-3.v1) – North Korean Trojan: CROWDEDFLOUNDER
  • February 14, 2020: Malware Analysis Report (10271944-1.v1) – North Korean Trojan: HOTCROISSANT
  • February 14, 2020: Malware Analysis Report (10271944-2.v1) – North Korean Trojan: ARTFULPIE
  • February 14, 2020: Malware Analysis Report (10271944-3.v1) – North Korean Trojan: BUFFETLINE
  • February 14, 2020: Malware Analysis Report (10135536-8.v3) – North Korean Trojan: HOPLIGHT
    (updates October 31, 2019: Malware Analysis Report (10135536-8) – North Korean Trojan: HOPLIGHT, which updated April 10, 2019: Malware Analysis Report (10135536-8) – North Korean Trojan: HOPLIGHT)

Each MAR includes malware descriptions, suggested response actions, and recommended mitigation techniques. Users or administrators should flag activity associated with the malware and report the activity to CISA or the FBI Cyber Watch (CyWatch), and give the activity the highest priority for enhanced mitigation.

Bistromath, Slickshoes, Crowdedflounder, Hotcroissant, Artfulpie and Buffetline are variants of the VirusTotal. Hoplight is an update on a previous strain. If allowed to take root, the various strains of malware enable remote access to machines and networks, the download of further malicious software, as well as the exfiltration of credentials and files.

It is assumed that the same attackers thought responsible for the WannaCry ransomware attack in 2017 are likely behind these latest campaigns—referred to as Lazarus by the private sector and “Hidden Cobra” by the U.S. government.

CISA recommends the usual mitigation: patching as soon as practically possible; applying strong passwords to file sharing and broader IoT set-ups, including printers and other networked devices; use of updated antivirus software; email defense and user training on unknown senders and attachments; some levels of user monitoring to prevent dangerous activity; and restrictions on external drives and internet software downloads.

Tags: Cybersecuritymalwarecybercrime
Previous Post
Facebook and IBM Cancel San Francisco Appearances on Coronavirus Fears
Next Post
Google Could Pay Publishers for Displaying Their News

Related Posts

  • Intel and Microsoft Convert Malware to Images to Spot Threads Faster

  • Intel Confirms "Thunderspy" Risk in Thuerbolt Devices

  • GoDaddy Discloses Data Breach

  • Zoom Users' Data have Been on Sale on Dark Web: report

  • Apple Says 'No Evidence' iPhone Mail Bug Used Against Consumers

  • Malwarebytes Introduces VPN Service

  • Google Says State-backed Hackers Use Coronavirus For Phishing Attacks

  • Apple to Patch Serious iOS Vulnerability

Latest News

Samsung Brings the Ultimate Gaming Experience to 2021 Neo QLED and QLEDs
Consumer Electronics

Samsung Brings the Ultimate Gaming Experience to 2021 Neo QLED and QLEDs

GIGABYTE AORUS Gen4 7000s SSD- The Fastest PCIe 4.0 NVMe SSD
PC components

GIGABYTE AORUS Gen4 7000s SSD- The Fastest PCIe 4.0 NVMe SSD

TerraMaster Releases All-New TOS 4.2
Enterprise & IT

TerraMaster Releases All-New TOS 4.2

Samsung Announces S21 series with new Galaxy Buds Pro
Smartphones

Samsung Announces S21 series with new Galaxy Buds Pro

Sony Launches Newest Addition to G Master Full-Frame Lens Series with the Indispensable FE 35mm F1.4 GM
Cameras

Sony Launches Newest Addition to G Master Full-Frame Lens Series with the Indispensable FE 35mm F1.4 GM

Popular Reviews

CeBIT 2005

CeBIT 2005

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

CeBIT 2006

CeBIT 2006

LiteOn iHBS112 review

LiteOn iHBS112 review

Club3D HD3850

Club3D HD3850

Crucial P1 NVMe 1TB SSD review

Crucial P1 NVMe 1TB SSD review

Hitachi DZ-MV100A DVD Camcorder

Hitachi DZ-MV100A DVD Camcorder

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

Toshiba Exceria M303 64GB and M501 Exceria Pro 64GB MicroSDXC review

  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed