The Open Source Intelligence (OSINT) Flash is the collection and analysis of information that is gathered from public, or open, sources. OSINT is primarily used in national security, law enforcement, and business intelligence functions and is of value to analysts who use non-sensitive intelligence in answering classified, unclassified, or proprietary intelligence requirements across the previous intelligence disciplines.
Malwares
Title : Malware Author Inflates Backdoor Trojan With Junk Data Hoping to Avoid Detectio
Date Published : May 1, 2017
Exerpt : A malware coder is injecting megabytes of junk data inside his malicious payloads, hoping to avoid detection by some antivirus solutions or delay investigations of infosec professionals. Known only as “123”, this malware coder has been active since 2015, when he was first spotted deploying the XXMM malware. His activity falls in the category of targeted attacks, this crook focusing on infecting computers at Japanese companies for the purpose of exfiltrating sensitive data.
Title : New OSX.Dok malware intercepts web traffic
Date published : April 28, 2017
Source : https://blog.malwarebytes.com/threat-analysis/2017/04/new-osx-dok-malware-intercepts-web-traffic/
Exerpt : OSX.Dok, which was discovered by Check Point, uses sophisticated means to monitor—and potentially alter—all HTTP and HTTPS traffic to and from the infected Mac. This means that the malware is capable, for example, of capturing account credentials for any website users log into, which offers many opportunities for theft of cash and data.
Vulnerability
Title : Lenovo warns of IBM Storwize shipped with infected initialization USB drives
Date published : April 30, 2017
Source : http://securityaffairs.co/wordpress/58571/malware/ibm-storwize-infected.html
Exerpt : Some USB flash drives containing the initialization tool shipped with the IBM Storwize for Lenovo V3500, V3700 and V5000 Gen 1 storage systems contain a file that has been infected with malicious code.
Title : iCloud support scams
Date published : April 25, 2017
Source : https://blog.malwarebytes.com/cybercrime/2017/04/icloud-support-scams/
Exerpt : The results of such scams can vary. Some are interested in the purchasing power since iCloud accounts double as Apple IDs, which can be used to make purchases from the Mac App Store, iOS App Store, and even the online and brick-and-mortar Apple Stores.
Cyber Warfare
Title : NATO Locked Shields 2017, world’s largest cyber defence exercise just ended
Date published : May 1, 2017
Source : http://securityaffairs.co/wordpress/58586/cyber-warfare-2/nato-locked-shields-2017.html
Exerpt : Locked Shields 2017 is organised in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the Swedish Defence University, the British Joint Army, the United States European Command, Air Operations COE and Tallinn University of Technology.
Attack
Title : How to Bring HID Attacks to the Next Level
Date published : May 1, 2017
Source : http://securityaffairs.co/wordpress/58587/hacking/whid-injector-bring-hid-attacks
Exerpt : WHID stands for WiFi HID injector. It is a cheap but reliable piece of hardware designed to fulfill Red-Teamers & Pentesters needs related to HID Attacks, during their engagements.
Title : FIN7 group has enhanced its phishing techniques
Date published : April 29, 2017
Source : http://securityaffairs.co/wordpress/58508/cyber-crime/fin7-group-phishing.html
Exerpt : The FIN7 group has adopted new phishing techniques, it is leveraging on hidden shortcut files (LNK files) to compromise targets. Experts from FireEye highlighted that attacks were launched by FIN7 group and not the Carbanak Group as suspected by other security experts.
Data Leak
Title : WIKILEAKS REVEALS CIA TOOL ‘SCRIBBLES’ FOR DOCUMENT TRACKING
Date Published : April 28, 2017
Source : https://threatpost.com/wikileaks-reveals-cia-tool-scribbles-for-document-tracking/125299/
Exerpt : WikiLeaks released details on what it said is a Central Intelligence Agency document tracking program called Scribbles, part of the agency’s effort to keep tabs on documents leaked to whistleblowers and journalists.
