研究ブログ

ウクライナとロシアの戦争が激化する中、サイバー攻撃は、実弾による両国の戦争の前哨戦となっている。 研究者によると、ロシアのハッカーグループ「ACTINIUM」は、サイバー攻撃のシグネチャ検知を回避し、より高度なマルウェアを展開するための新しい難読化機能を開発した。 また、ACTINIUMは大量のドメイン、IPアドレス、ワードリストを使用してIoCs情報に基づく検出を回避しているため、研究者が脅威を分析、特定することが困難になっている。

Valentine’s Day this year saw the end of a truly toxic relationship — a prolonged supply chain attack targeting the Taiwan financial and securities trading sector that had begun back in November 2021. Evidence uncovered during a CyCraft incident response (IR) investigation ties these attacks to APT10 — a China state-sponsored hacker group widely believed to be associated with the Chinese Intelligence Agency, the Ministry of State Security (MSS).

CyCraft uncovered intelligence regarding the November 2021 cyberattacks targeting the Taiwan financial and securities trading sector; CyCraft further attributed the cyberattacks to APT10 — a China state-sponsored hacker group widely believed to be associated with the Chinese Intelligence Agency, the Ministry of State Security (MSS).

The road to constructing an effective novel response against ransomware begins with understanding the recent trends of the underground ransomware ecosystem: common targets of ransomware, typical ransomware behavior, common ransomware encryption schemes, as well as the construction and application of decryptors and other effective response approaches and tools.

PK Tsung, Co-Founder & CSO of CyCraft Technology, spoke at SEMICON TAIWAN on the dangers of, and the solutions to, four common pain points targeting electronics manufacturing, design supply chain, and other SEMI member-related industries.

Following the announcement of CVE-2021–4228, CyCraft issued an emergency advisory to all CyCraft Customers outlining mitigation best practices. This advisory was updated as additional related vulnerabilities came to light.