Breaking News

PlayStation Plus Monthly Games for October: The Callisto Protocol, Farming Simulator 22, Weird West New Acer Nitro V 15 Laptop Makes Gaming More Accessible Xiaomi and Leica Camera AG present the Xiaomi 13T Series with Leica Optics KIOXIA introduces next generation e-MMC ver. 5.1-compliant embedded flash memory products Nikon releases the NIKKOR Z 135mm f/1.8 S Plena

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Pentagon, DHS And FBI Issued New Malware Warning For Windows Users

Pentagon, DHS And FBI Issued New Malware Warning For Windows Users

Enterprise & IT Feb 15,2020 0

Multiple U.S. government agencies have warned of a newly cybesecurity threat from North Korea.

According to the U.S. government, the warning “is the result of analytic efforts between the U.S. Department of Homeland Security, the U.S. Department of Defense, and the FBI to provide technical details on the tools and infrastructure used by cyber actors of the North Korean government.”

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD) have identified malware variants used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.

The U.S. government issued six new Malware Analysis Reports (MARs) and one updated MAR related to malicious cyber activity from North Korea. Each MAR is designed to enable network defenders to identify and reduce exposure to North Korean government malicious cyber activity. CISA encourages users and administrators to review these MARs for each malware variant listed below.

  • February 14, 2020: Malware Analysis Report (10265965-1.v1) – North Korean Trojan: BISTROMATH
  • February 14, 2020: Malware Analysis Report (10265965-2.v1) – North Korean Trojan: SLICKSHOES
  • February 14, 2020: Malware Analysis Report (10265965-3.v1) – North Korean Trojan: CROWDEDFLOUNDER
  • February 14, 2020: Malware Analysis Report (10271944-1.v1) – North Korean Trojan: HOTCROISSANT
  • February 14, 2020: Malware Analysis Report (10271944-2.v1) – North Korean Trojan: ARTFULPIE
  • February 14, 2020: Malware Analysis Report (10271944-3.v1) – North Korean Trojan: BUFFETLINE
  • February 14, 2020: Malware Analysis Report (10135536-8.v3) – North Korean Trojan: HOPLIGHT
    (updates October 31, 2019: Malware Analysis Report (10135536-8) – North Korean Trojan: HOPLIGHT, which updated April 10, 2019: Malware Analysis Report (10135536-8) – North Korean Trojan: HOPLIGHT)

Each MAR includes malware descriptions, suggested response actions, and recommended mitigation techniques. Users or administrators should flag activity associated with the malware and report the activity to CISA or the FBI Cyber Watch (CyWatch), and give the activity the highest priority for enhanced mitigation.

Bistromath, Slickshoes, Crowdedflounder, Hotcroissant, Artfulpie and Buffetline are variants of the VirusTotal. Hoplight is an update on a previous strain. If allowed to take root, the various strains of malware enable remote access to machines and networks, the download of further malicious software, as well as the exfiltration of credentials and files.

It is assumed that the same attackers thought responsible for the WannaCry ransomware attack in 2017 are likely behind these latest campaigns—referred to as Lazarus by the private sector and “Hidden Cobra” by the U.S. government.

CISA recommends the usual mitigation: patching as soon as practically possible; applying strong passwords to file sharing and broader IoT set-ups, including printers and other networked devices; use of updated antivirus software; email defense and user training on unknown senders and attachments; some levels of user monitoring to prevent dangerous activity; and restrictions on external drives and internet software downloads.

Tags: Cybersecuritymalwarecybercrime
Previous Post
Facebook and IBM Cancel San Francisco Appearances on Coronavirus Fears
Next Post
Google Could Pay Publishers for Displaying Their News

Related Posts

  • Intel and Microsoft Convert Malware to Images to Spot Threads Faster

  • Intel Confirms "Thunderspy" Risk in Thuerbolt Devices

  • GoDaddy Discloses Data Breach

  • Zoom Users' Data have Been on Sale on Dark Web: report

  • Apple Says 'No Evidence' iPhone Mail Bug Used Against Consumers

  • Malwarebytes Introduces VPN Service

  • Google Says State-backed Hackers Use Coronavirus For Phishing Attacks

  • Apple to Patch Serious iOS Vulnerability

Latest News

PlayStation Plus Monthly Games for October: The Callisto Protocol, Farming Simulator 22, Weird West
Gaming

PlayStation Plus Monthly Games for October: The Callisto Protocol, Farming Simulator 22, Weird West

New Acer Nitro V 15 Laptop Makes Gaming More Accessible
Enterprise & IT

New Acer Nitro V 15 Laptop Makes Gaming More Accessible

Xiaomi and Leica Camera AG present the Xiaomi 13T Series with Leica Optics
Cameras

Xiaomi and Leica Camera AG present the Xiaomi 13T Series with Leica Optics

KIOXIA introduces next generation e-MMC ver. 5.1-compliant embedded flash memory products
Cameras

KIOXIA introduces next generation e-MMC ver. 5.1-compliant embedded flash memory products

Nikon releases the NIKKOR Z 135mm f/1.8 S Plena
Cameras

Nikon releases the NIKKOR Z 135mm f/1.8 S Plena

Popular Reviews

Pioneer BDR-S13U-X Blu-Ray Recorder

Pioneer BDR-S13U-X Blu-Ray Recorder

Pioneer BDR-X13U-S

Pioneer BDR-X13U-S

Pioneer BDR-XD08UMB-S External Blu-Ray Recorder

Pioneer BDR-XD08UMB-S External Blu-Ray Recorder

Arctic Liquid Freezer II 360 Α-RGB

Arctic Liquid Freezer II 360 Α-RGB

Surefire KINGPIN M2 Keyboard

Surefire KINGPIN M2 Keyboard

Verbatim External 4K Slimline Blu-Ray Recorder

Verbatim External 4K Slimline Blu-Ray Recorder

Samsung 970 EVO Plus 2TB NVME SSD

Samsung 970 EVO Plus 2TB NVME SSD

Crucial X8 4TB PortableSSD

Crucial X8 4TB PortableSSD

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed