September 6, 2017
Key-Logging Malware, Dubbed EHDevel, Found Intelligence Gathering – Global
Security researchers have found a sophisticated malware framework, EHDevel, that has targeted several Pakistani individuals, starting with more vulnerable individuals in a bid to reach its ultimate objective. The malware has been used by attackers, thought to be nation-state hackers, to gather intelligence. According to a Reuters report, a cyber-spying campaign is currently being waged against Indian and Pakistani entities. The malware allows hackers to log keystrokes, identify a victim's location and steal personal data. It also shows a complex mix of transitions from one programming language to another, code under active development, and bugs that were not spotted during the QA process. In a white paper, security researchers from Bitdefender said that a year ago they came across a suspicious document called News.doc. Unlike most potentially malicious documents processed in Bitdefender's labs, this file displayed similarities with a set of files known to have been used in separate attacks targeted at different institutions. Further investigation found that it used a malware framework that relies on a handful of novel techniques for command and control identification and communications, as well as a plugin-based architecture, a design choice increasingly adopted among threat actor groups in the past few years.
International Corporate Espionage Targeted Company – Massachusetts, United States
A Massachusetts surgical technology company was the target of an international corporate espionage attempt last week, local and federal authorities said. Dong Liu, 44, who is also known as Kevin, is accused of attempting to commit international corporate espionage, according to statements from the Raynham Police Department and the Department of Justice. The CEO of Medrobotics, a corporation based in Raynham, called police on Monday after spotting Liu in a conference room. Liu was working on three laptop computers, the CEO told police. “Liu allegedly lied several times about his purpose there,” police said. “Liu named one company employee whom the CEO knew was out of the country for a few weeks; Liu then identified another employee whom the CEO knew had not scheduled such a meeting; Liu then named the CEO himself, which the CEO knew not to be true,” the Department of Justice said. Medrobotics manufactures and sells a robotic surgical system, and police said the company has invested millions of dollars to develop technologies that are not yet patented.
New Security System in Place at Las Vegas Airport – Nevada, United States
Las Vegas' busy airport is using a new automated screening security system during the Labor Day holiday weekend. The new system was introduced on Thursday at Terminal 3, the Las Vegas Review-Journal reported. The security change comes as an estimated 509,000 airline passengers are expected to depart or arrive at McCarran International from Friday to Monday, a 4 percent jump from last year's holiday weekend, airport spokeswoman Christine Crews said. "This airport is busy year-round, but there has been enough planning for us to be able to put this in place as we head into Labor Day weekend," Transportation Security Administration spokeswoman Lorie Dankers said. Three reconfigured security lanes are equipped with upgraded features, including bins that are 25 percent larger and capable of holding roll-aboard luggage. Each of those bins is equipped with radio-frequency chips, creating another layer of accountability for travelers' carry-on property during the security process, Dankers said. Bags and bins deemed to be safe will roll down a conveyor belt, while those possibly carrying a prohibited item will be diverted to a separate area where officers can take a closer look. Officials started installing the new system at the end of July, followed by roughly two weeks of testing alongside existing security lines as a way to compare speed and efficiency, Dankers said.