APT Attacks From 'Earth Estries' Hit Gov't, Tech With Custom Malware

A sophisticated threat actor managed to fly under the radar for three years, despite flexing serious muscle. [TechWeb]( Follow Dark Reading: [RSS]( August 31, 2023 LATEST SECURITY NEWS & COMMENTARY [APT Attacks From 'Earth Estries' Hit Gov't, Tech With Custom Malware]( A sophisticated threat actor managed to fly under the radar for three years, despite flexing serious muscle. [Chinese Group Spreads Android Spyware via Trojan Signal, Telegram Apps]( Thousands of devices have become infected with "BadBazaar," malware previously used to spy on Uyghur and Turkic ethnic minorities in China. [Performance-Enhanced Android MMRat Scurries Onto Devices via Fake App Stores]( The stealthy Trojan targets users in Southeast Asia, allowing attackers to remotely control devices to commit bank fraud. [New York Times Spoofed to Hide Russian Disinformation Campaign]( "Operation Doppelganger" has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms. [In Airbnb, Cybercriminals Find a Comfortable Home for Fraud]( The popular travel rental site is an ideal destination for cybercrooks bent on taking over accounts and bookings. [Should Senior IT Professionals Be Accountable for Professional Decisions?]( Everyone makes mistakes — but what if your mistakes risk the security of millions of people? [4 Strategies to Safeguard the Finance Industry Against Deepfake Onslaught]( Through strategic measures and a united front, the finance industry can overcome the looming threat of deepfakes. [(Sponsored Article) 3 Mobile or Client-Side Security Myths Debunked]( The industry's understanding of mobile or client-side security is too limited, leaving many mobile apps vulnerable. Don't let these three myths lead you astray. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Rackspace Faces Massive Cleanup Costs After Ransomware Attack]( Eight months after the cyberattack, the cloud hosting services company's remediation costs top $10 million as it tries to repair the damage caused by the Play ransomware gang. [Meta Cripples China's Signature 'Spamouflage' Influence Op]( The social media giant is taking on Dragonbridge, the "largest known cross-platform covert influence operation in the world." [5 Ways to Prepare for Google's 90-Day TLS Certificate Expiration]( With bad guys frequently upping their game, security can't leave these protections to a once-a-year upgrade. [Here's What Your Breach Response Plan Might Be Missing]( The best way to withstand a data breach is to be prepared. Here are four elements that are easily overlooked in breach response plans. [MORE]( EDITORS' CHOICE [Sprawling Qakbot Malware Takedown Spans 700,000 Infected Machines]( "Operation Duck Hunt" is not likely to eliminate the initial access botnet forever, but the proactive removal of the malware from victim machines by law enforcement is one of the largest and most significant efforts of its kind. LATEST FROM THE EDGE [MOVEit Breach Shows Us SQL Injections Are Still Our Achilles' Heel]( SQL injection and its ilk will stop being "a thing" only after organizations focus on security by construction. LATEST FROM DR TECHNOLOGY [NIST Publishes First Draft Standards for Post-Quantum Cryptography]( Publication of the first draft PQC standards opens a 90-day period for public comment and paves the way for interoperability testing. LATEST FROM DR GLOBAL [Somalia Orders ISPs to Block Telegram and TikTok]( Officials said the apps were used to "spread horrific content and misinformation to the public." WEBINARS - [Passwords Are Passe: Next Gen Authentication for Today's Threats]( Cyber experts agree: end-user authentication needs more than the simple password. But what are the right tools and strategies for authentication in your organization? What does the world of passwordless look like for your organization? In this webinar, experts offer ... - [The Threat Hunter's Playbook: Mastering Cloud Defense Strategies]( Secure your spot now for this unforgettable cybersecurity adventure, filled with real-world examples, best practices, and expert insights from our threat research team. Level up your cloud security defense. When you attend this webinar, you will hear from the Sysdig's ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Digital Transformation and Connected Systems Have Opened the Door to New Threat Vectors]( - [Evaluating SASE for the Work-From-Anywhere Era]( - [2023 Work-From-Anywhere Global Study]( - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( [View More White Papers >>]( FEATURED REPORTS - [What Ransomware Groups Look for in Enterprise Victims]( Ransomware attackers cast a wide net -- they just care about causing damage, making money, and gaining new victims. That means no organization is automatically immune to attack just because of its size or industry. Organizations need to take steps ... - [How to Use Threat Intelligence to Mitigate Third-Party Risk]( The report discusses the various steps of a continuous third-party intelligence lifecycle: Data collection, Data classification, Data storage, Data analysis, reporting, dissemination, continuous monitoring, data governance, and choosing the right technology stack. The report also includes information about how attackers ... - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Everest Group Research: C-Suite Must Recognize Critical Difference Between Cybersecurity and Cyber Resilience]( [SPHERE Appoints Former Johnson & Johnson CISO Marene Allison to Board of Directors]( [Delinea Research Reveals a Cyber Insurance Gap]( [PurFoods Mom's Meals Reports Data Breach Exposing Social Security Numbers of Over 1.2 Million Consumers]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [What Ransomware Groups Look for in Enterprise Victims]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117927&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.31.23&sp_cid=49649&utm_content=DR_NL_Dark%20Reading%20Daily_08.31.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#64 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)