ANI
Two days after claiming that the October 12 power blackout was the result of a cyber-attack, Maharashtra energy minister Nitin Raut failed to clearly reiterate it while replying to a question in the assembly on Wednesday.
Raut just said the Centre had warned there were attempts to disrupt power supply but they were not successful. Raut said after the blackout, he had asked the cyber cell to investigate the causes and it had given its report.
A new malware loader dubbed Gootloader is using search engine optimization techniques to spread ransomware, Trojans and other malware, the security firm Sophos reports.
The campaign is active in North America, South Korea, Germany and France, Sophos researchers say.
To trick victims into visiting infected websites, Gootloader uses malicious search engine optimization techniques to squirm into Google search results, Sophos notes. These techniques are effective at evading detection over a network – right up to the point where the malicious activity trips over behavioral detection rules.
When someone enters certain keywords into a Google search, they are shown the link to the malicious website. Once they visit the website, they are then prompted to download a zip file that installs Gootloader, which then loads REvil ransomware and the Gootkit and Kronos Trojans, the report notes.
Attack flow for Minebridge malware (Source: Zscaler)
The operators behind the Minebridge remote-access Trojan have updated the malware, which is targeting security researchers by using a malicious payload disguised in an attached document, according to the security firm Zscaler.
The newly discovered version of the RAT is embedded in a macro-based Word document file. When a recipient clicks on the malicious link, Minebridge buries itself into the remote desktop software TeamViewer, which enables the hackers to deploy more malware or spy on the victim's device. "We have recently observed other instances of threat actors targeting security researchers with social engineering techniques. The use of social engineering tactics targeting security teams appears to be on an upward trend," Zscaler notes.
The developers of LodaRAT malware, which has previously only targeted Windows devices, have developed a new variant, Loda4Android, that targets Android devices, according to Cisco Talos.
LodaRAT, previously known as Gaza007, is operated by a group called Kasablanca, which uses the malware for cyberespionage and information stealing, say researchers Warren Mercer, Chris Neal and Vitor Ventura, who analyzed the malware for Cisco Talos. "The operators of this Loda campaign appear to have a specific interest in Bangladesh-based organizations, namely banks and carrier-grade voice-over-IP software vendors, which we observed on several lures attempting to distribute the malware droppers," the researchers say. The default victim ID on the Windows version is "munafa," which is the Urdu and Bengalese word for "profit."
Yu Shuang, founder of the Beijing restaurant Trojan Fairy, posted a message on her social media account on Dec 16 asking for help with a "financial emergency".