Events

CeCOS VIII – Hong Kong

The eighth annual Counter-eCrime Operations Summit (CeCOS VIII) was held in Hong Kong on April 8th , 9th and 10th, 2014.
The event brings together global leaders from financial services, technology, government, law enforcement, communications sectors and research centers.

208214253

Cybercrime fighters from the field examined:

  • Public-source criminal tracking techniques
  • Cloud and mobile malware forensics
  • The latest crimeware and web-based attack schemes
  • Bitcoin as a cybercrime tool
  • Globalized industrial cybercrime event data sharing
  • Ransomware scams menacing businesses
  • Global approaches to securing the Domain Name System

CeCOS VIII was an open conference for members of the electronic-crime fighting community. The agenda is located at http://apwg.org/apwg-events/cecos2014/agenda and I had the opportunity to share recent research results on the second day of the event.

208214254

My topic was the broad global abuse of compromised websites for malicious purposes.
After showing plenty of samples of such problematic websites in Japan, I went on to highlight local .hk samples and exposed samples related to the recently discovered “AOL spam” problems, namely compromised domains redirecting to diet scams or ‘housewife-make-money-from-home’ scams.

208214255

We had been seeing these suspicious URL patterns since the end of February 2014 and took measures to detect related data as “Trojan.JS.Redirector.acf” as well as heuristically.
More information about this threat can be found at virusbtn.com.

This Year’s CeCOS VIII included about 130 attendees from around 20 countries. The organizer noted: “In some dimensions, this is the strongest operations program we have ever organized. I know that important developments will proceed from CeCOS VIII and make enduring contributions.”

I can only confirm that there were plenty of opportunities for discussions and networking and it was a fruitful event – as usual, I may add.

CeCOS VIII – Hong Kong

Your email address will not be published. Required fields are marked *

 

Reports

Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

APT trends report Q1 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Tomiris called, they want their Turla malware back

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla.

Subscribe to our weekly e-mails

The hottest research right in your inbox