ITG18: Operational Security Errors Continue to Plague Sizable Iranian Threat Group

X-Force researchers discovered a file named WhatsApp.apk (md5: a04c2c3388da643efef67504ef8c6907fb) on infrastructure associated with ITG18 operations. LittleLooter is a modified version of Android malware reported by third party researchers several years ago and has likely been in use for years prior to our association with this threat group. The new tool updates itself by downloading a zip file from a URL on the C2 server: http[:]//[C2server]/updates/update_[class name].zip”]

Source: https://securityintelligence.com/posts/itg18-operational-security-errors-plague-iranian-threat-group/

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text