QUASAR, SOBAKEN AND VERMIN: A deeper look into an ongoing espionage campaign

July 16, 2018

Using remote access tools Quasar, Sobaken and Vermin, cybercriminals have been systematically spying on Ukrainian government institutions and exfiltrating data from their systems. The threat actors, first mentioned in a report from January 2018 and tracked by ESET since mid-2017, continue to develop new versions of their stealthy malware. In this white paper, we take a closer look at this ongoing campaign. We provide further details on the malware used to compromise victims’ systems and, on the payloads, installed on compromised systems, and describe the various methods the attackers use to distribute and target their malware while avoiding detection.

Spotlight

VenusTech

Venustech has a state-level network security technology research and development center and a world-class security research and service team. It has applied for hundreds of technical patents and made many pioneering achievements in the industry: the world’s first IDS hardware product, China’s first distributed vulnerability scanning system, China’s first 10 Gigabit multi-core UTM platform, realization of significant breakthrough in 10 Gigabit UTM core technology and China’s first postdoctoral workstation for the enterprise's network security. To date, Venustech has dig out 74 common vulnerabilities and exposures in total, the highest record across Asia. Venustech was the first enterprise in China to join Microsoft MAPP program.

OTHER WHITEPAPERS
news image

INDUSTRIAL CYBER RISK MANAGEMENT

whitePaper | May 21, 2021

Critical infrastructure owners and operators have managed industrial risk for hundreds of years. This risk is usually measured in impact to health, safety, and reliability. As these industrial systems become increasingly digitized, so does the risk. What were once seen as isolated, manual processes have become reliant on communication networks and digital devices.

Read More
news image

Fortinet Security Fabric Enables Digital Innovation

whitePaper | February 5, 2020

Organizations are rapidly adopting digital innovation (DI) initiatives to accelerate their businesses, reduce costs, improve efficiency, and provide better customer experiences. Common initiatives involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organization’s footprint to new branch locations. With this evolving infrastructure also come security risks. Organizations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape. To accomplish their desired DI outcomes while effectively managing risks and minimizing complexities, organizations need to adopt a cybersecurity platform that provides visibility across their environment and a means to manage both security and network operations easily.

Read More
news image

Recommended Criteria for Cybersecurity Labeling of Consumer Software

whitePaper | February 4, 2022

Software is an integral part of life for the modern consumer. Nevertheless, most consumers take for granted and are unaware of the software upon which many products and services rely. From the consumer’s perspective, the very notion of what constitutes software may even be unclear. While enabling many benefits to consumers, that software that is, software normally used for personal, family, or household purposes can also have cybersecurity flaws or vulnerabilities which can directly affect safety, property, and productivity.

Read More
news image

What Is a Value Chain for Security

whitePaper | November 15, 2019

Cisco has architected and deploys a capability that continually assesses, monitors, and improves the security of our value chain throughout the entire lifecycle of our solutions.

Read More
news image

Cyber Security: Defending your digital business

whitePaper | November 13, 2019

Your business relies on its technology – but lurking around the corner are intruders who can disrupt or devalue your operations. This report shines a light on the sources of the problem, and how you can establish the control you need to get the best from IT. In every corner of the globe, businesses are building new capabilities thatrely on technology. Small businesses are automating previously‐manual processes and digitizing key tasks and information sources. At the same time, large enterprises are dedicating vast resources to analytics and to digital transformation – capitalizing on the reach and opportunities enabled by digitalized processes.

Read More
news image

Cyber Security for Business

whitePaper | December 17, 2019

At CGI, cyber security is part of everything we do. For more than 40 years, we have helped clients manage complex security challenges with a business focused approach – protecting what is most valuable to them. As our economy becomes even more digital in nature, securing our organisations against cyber-attacks and data breaches has become one of the most important business issues facing senior management.

Read More

Spotlight

VenusTech

Venustech has a state-level network security technology research and development center and a world-class security research and service team. It has applied for hundreds of technical patents and made many pioneering achievements in the industry: the world’s first IDS hardware product, China’s first distributed vulnerability scanning system, China’s first 10 Gigabit multi-core UTM platform, realization of significant breakthrough in 10 Gigabit UTM core technology and China’s first postdoctoral workstation for the enterprise's network security. To date, Venustech has dig out 74 common vulnerabilities and exposures in total, the highest record across Asia. Venustech was the first enterprise in China to join Microsoft MAPP program.

Events