Security Leftovers

posted by Roy Schestowitz on Sep 01, 2023

• Five Eyes Report: New Russian Malware Targeting Ukrainian Military Android Devices

  The new malware, named Infamous Chisel, is actually a collection of components designed to provide persistent backdoor access to compromised Android devices over the Tor network, and enable the attackers to collect and exfiltrate data.

  The campaign has been linked to the threat actor known as Sandstorm, which was previously connected to Russia’s GRU foreign military intelligence agency.

• Kremlin-backed Sandworm strikes Android devices with data-stealing Infamous Chisel

  Russia's Sandworm crew is using an Android malware strain dubbed Infamous Chisel to remotely access Ukrainian soldiers' devices, monitor network traffic, access files, and steal sensitive information, according to a Five Eyes report published Thursday.

  The Sandworm gang, which Western government agencies have previously linked to Russia's GRU military intelligence unit, was behind a series of attacks leading up to the bloody invasion of neighboring Ukraine. They've continued infecting that country and its allies' computers with data wipers, info-stealers, ransomware, and other malicious code ever since.

• Denmark joins Lithuania-led cyber rapid response force

  The cyber rapid response team will consist of nationally delegated experts from Croatia, Estonia, Lithuania, the Netherlands, Poland, Romania, Belgium, Slovenia, and Denmark.

• Cybersecurity compliance: What companies need to know about the new SEC rules

  The U.S. Securities and Exchange Commission recently updated its rules on cyber risk management, governance and incident disclosure. The new rules will take effect in December 2023.

  Given that the guidelines have only been out for a month, how are companies responding to its stipulations so far, and what major challenges are they facing on that path?