As usual, it’s Friday and that means another security news wrap-up for the week. So let’s get to it!
- First story of the week is from Kaspersky. They have a really good (as usual) analysis of the Emotet Banking Trojan. This particular trojan has some interesting features that differentiate it from some of the others we have seen recently. Very good read for anyone interested in details on this particular malware.
- Read More @ https://securelist.com/analysis/69560/the-banking-trojan-emotet-detailed-analysis/
- Next, a story by Krebs provides some details on last week’s attack on “GitHub” and “GreatFire”, which looked to have originated from China. There are now additional details on this attack, carried out with what has been called the “Great Cannon”. Good read.
- Read More @ http://krebsonsecurity.com/2015/04/dont-be-fodder-for-chinas-great-cannon/
- New details have emerged on the breach of the non-classified “White House” network. Russian hackers are suspected to be behind the breach, and it looks like it was related to the breach of the “State Department” from last year.
- Read More @ www.infosecurity-magazine.com/news/white-house-russian-hackers-on-the
- Next, a good write-up on a fairly new RAT called “AlienSpy”. This seems to be the successor to the “Frutas” and “AdWind” RATs. Security researchers at General Dynamics have a good write-up and analysis of this new RAT.
- Read More @ http://www.securityweek.com/consumers-enterprises-targeted-cross-platform-alienspy-rat
- Next, news on the privacy front. The infamous “Patriot Act” is up for renewal in a few months, and a new coalition has been created to fight Section 215 of the act, which deals with bulk data collection. The organizations include the EFF and the ACLU, among others. Let’s hope they succeed.
- Read More @ https://threatpost.com/new-coalition-launches-fight-against-patriot-act-section-215/112070
- Researchers at McAfee, with assistance from Europol and other security vendors, have dealt a big blow to the “BeeBone” botnet, which is responsible for spreading the “ZeroAccess” rootkit, the “ZBot” banking trojan and several other pieces of malware. The number of infections for this botnet is in the 5 million range, so it is a rather sizable botnet. Whether it will pop back up, as many do, is yet to be seen, but either way it’s good news.
- Read More @ https://blogs.mcafee.com/mcafee-labs/takedown-stops-polymorphic-botnet