BU-CERT News

From securityboulevard.com

This past week @propublica linked to a really spiffy resource for getting an overview of a Twitter user’s profile and activity called accountanalysis. It has a beautiful interface that works as well on mobile as it does in a real browser. It also is fully interactive and supports cross-filtering (zoom in on the timeline and the other graphs change). It’s especially great if you’re not a coder, but if you are, @kearneymw’s {rtweet} can get you all this info and more, putting the power of R behind data frames full of tweet inanity.

While we covered quite a bit of {rtweet} ground in the 21 Recipes book, summarizing an account to the degree that accountanalysis does is not in there. To rectify this oversight, I threw together a static clone of accountanalysis that can make standalone HTML reports like this one.

Read more…

From bleepingcomputer.com

A remote access Trojan (RAT) dubbed InnfiRAT comes with extensive capabilities to steal sensitive information, including cryptocurrency wallet data. Zscaler’s ThreatLabZ team took a closer look at its inner workings, although the malware has been in the wild for a while.

The earliest this RAT was spotted is November 2017, according to security researcher James_inthe_box, but this is the first time it was analyzed more seriously.

Read more…

From gbhackers.com

U.S. Department of the Treasury’s declare sanctions targeting three North Korean state-sponsored hacker group responsible for attacking Critical Infrastructure.

Office of Foreign Assets Control (OFAC) identified that three hacking groups namely “Lazarus Group,” “Bluenoroff,” and “Andariel” are controlled by North Korea’s primary intelligence bureau.

Read more…

From bbc.co.uk

Saudi Arabia has cut oil and gas production following drone attacks on two major oil facilities run by state-owned company Aramco.

Energy Minister Prince Abdulaziz bin Salman said the strikes had reduced crude oil production by 5.7m barrels a day – about half the kingdom’s output.

A Yemeni Houthi rebel spokesman said it had deployed 10 drones in the attacks.

US Secretary of State Mike Pompeo blamed the attacks on Iran saying there was no evidence they came from Yemen.

Read more…

From gbhackers.com

Data Governance: Companies today must do all they can to create advantages against the competition.

This means using all available resources to their advantage and creating an internal environment that supports fast growth and an ability to adapt to and even interpret changing business conditions.

One critical tool today is data. The collection and management of data surrounding company activities have come to the forefront of business and allows an enterprise to know their customers better, develop, position and market their products more effectively, and understand how to make their organizations more efficient.   

Read more…

From gbhackers.com

Cybersecurity is an evolving market, and organizations are always advised to keep their network armed and secured against cybercriminals. Considering the recent sophisticated cyberattacks, Airforce is one key area to explore.

US Cyber Command along with NSA does have a competitive cybersecurity advantage in the global market of cybersecurity. The United States is additionally one among the top five countries in the cybersecurity industry.

Read more…

From securityboulevard.com

In our news-heavy world, there isn’t a lot that surprises
us anymore. But there are a few questions we’re surprised to receive in our
technologically advanced era. One of the most critical of which is “what is
phishing?” It’s not always this exact question, however. Sometimes, it’s
one variety or another of the same question that’s just phrased differently,
such as “what does phishing mean?” “what is a phishing attack?” or “what is a phishing email?”

Read more…