Cybercriminals attack Kuwait shipping
and transport organisations
P
alo Alto Networks has revealed how cybercriminals attacked
organisations in Kuwait. Unit 42, the global threat intelligence
team at Palo Alto Networks, observed previously unknown tools used
in the targeting of transportation and shipping organisations based
in the country.
The first known attack in this campaign targeted a Kuwait transportation
and shipping company in which the actors installed a backdoor tool
named Hisoka. Several custom tools were later downloaded to the
system in order to carry out post-exploitation activities.
All of these tools appear to have been created by the same
developer. The team were able to collect several variations of these
tools including one dating back to July 2018.
The developer of the collected tools used character names from the
anime series Hunter x Hunter, which is the basis for the campaign
name ‘xHunt’.
The names of the tools collected include backdoor tools Sakabota,
Hisoka, Netero and Killua. These tools not only use HTTP for their
command and control (C2) channels, but certain variants of these tools
use DNS tunneling or emails to communicate with their C2 as well.
While DNS tunneling as a C2 channel is fairly common, the
specific method in which this group used email to facilitate C2
communications has not been observed by Unit 42 in quite some time.
/////////////////
/
Middle East keen to be first to
embrace new technologies
how IT leaders have an appetite to
constantly look at new technologies.
While counterparts in Europe might seek
assurance that they aren’t the first to use
a particular solution or type of technology,
the attitude in the Middle East is quite
different – with CIOs in this region wanting
to be first and at the forefront of cutting-
edge technology.
Webb said: “They’re so brave and
entrepreneurial here that often they want
to be the first to have used that technology.
he Middle East is a ‘hugely important’
market, with IT leaders in the region keen
to embrace new innovative technologies,
according to an A10 Networks VP. T and Technology Consultant Lead, MEA, Adil
Baghir, at GITEX Technology Week 2019,
where the company showcased its entire
portfolio of leading network security solutions.
Intelligent CIO spoke to the company’s
Vice President, EMEA Sales, Anthony Webb, Speaking about the company’s commitment
to the Middle East region, Webb highlighted
www.intelligentcio.com
“And for an innovative company like A10
that plays to our strengths.
“In terms of business growth, we have
grown significantly in the region.
“The Middle East is very important to us and
will continue to be important to us.”
INTELLIGENTCIO
15