Morning Security Brief: Mirage Malware, Cloud Security Alliance, Syria Conflict, and More
Phishing campaigns target natural resource companies. Cloud Security Alliance to issue new reports. Syria accuses Gulf countries of supporting regional instability. And more.
►A recent spear phishing campaign has been linked to the same hackers behind the RSA breach last year. The campaign targets companies in the energy sector and a military organization in Taiwan. Dell SecureWorks Counter Threat Unit discovered the campaign's malware, Mirage, embedded in executable files disguised as PDFs . “Silas Cutler, a security researcher for SecureWorks CTU, said that Mirage wasn't particularly sophisticated, but that it was effective in that it usually reached mid- to senior-level executives – who are targeted by the spear phishing emails,” SC Magazine reports. The malicious program sends information back to remote servers. Researcher say natural resource companies are becoming more desirable targets.
►The Cloud Security Alliance will release more than 20 reports on issues in the “most critical areas of cloud computing ” at its annual Congress this November in Florida. The will include new findings and guidance on mobile security, big data and privacy. See the full press release here.
►Syrian president Bashar Assad said on Friday rebels will not overthrow the Syrian government and accused countries in the Persian Gulf of trying to remove him from power and support instability in the region. "They are giving terrorists weapons and money with hope of repeating the Libyan model," Assad is quoted . "Instead of helping regional stability they are supplying armed elements with weapons and training in order to weaken the Syrian state."
►In other news, more embassies around the world close after violent protests continue. ♦ NIST releases risk assessment guidance . ♦ And Blackberry reports a service outage possibly affecting millions as Apple unveils the iPhone 5.