IT Security Guru

New advanced APT 'CozyDuke' taking aim at US targets, including the White House and State Department

by The Gurus
April 23, 2015
in Top 10 Stories

Kaspersky Lab’s Global Research and Analysis Team has published a report describing a new advanced cyberespionage actor taking aim precisely at US targets, including, possibly, targets within both the White House and State Department.

The operation presents other alarming though fascinating aspects, such as crypto and anti-detection capabilities (the code hunts for several security products to evade: Kaspersky Lab, Sophos, DrWeb, Avira, Crystal, Comodo Dragon), strong malicious program functionality, and structural similarities linking this toolset with the MiniDuke, CosmicDuke and OnionDuke cyberespionage campaigns – operations believed to have Russian-speaking authors behind them due to certain indicators.

“The anti-detection capabilities of the CozyDuke APT are likely to become more widespread in APTs,” said Mike Spykerman, Vice President of Product Management at OPSWAT. “The best way to protect against malware that includes anti-AV protection is to use a multi anti-malware scanner that utilizes several different anti-malware engines. Not only does this significantly increase the malware detection rate, it also thwarts threats that try to target vulnerabilities in specific anti-virus engines. When using multiple engines, only one engine needs to detect the threat to be protected. The more engines you use, the less likely the APT has anti-detection capabilities for all.”

The CozyDuke actor often spearphishes targets with emails containing a link to a hacked website – sometimes a high-profile, legitimate one such as ‘diplomacy.pl’ – which hosts a ZIP archive with malware inside. In other highly successful runs, this actor sends out phony Flash videos with malicious executables directly as email attachments.
