NATO is Concerned about Russia’s Hybrid Warfare Capabilities, Reaper IoT Botnet Worse than Mirai & Russian Cyber Spies Exploiting Flash Zero-Day


Russia May Have Surpassed NATO – NATO is worried about keeping up with and countering Russia’s hybrid warfare strategy. The Alliance has recognised that it needs to adapt to the mixture of conventional tactics, subversive campaigns and cyber warfare that Russia is currently using in Ukraine. Recent war games run by the US Defense Department have clearly shown that the US is ill-prepared for any military engagement with Russia, with US infrastructure particularly vulnerable to cyber attack. NATO leaders, unsure of their ability to counter Russian hybrid warfare, fear they are losing the battlefield advantage.

The Reaper is Coming – Check Point warned today that a new IoT botnet has been secretly amassing power and is ready to strike its victims with devastating force. Considered to be worse than Mirai, it has been focusing on recruiting web cameras and routers into its army and has gained over a million devices so far. Labelled “Reaper”, it is considered more sophisticated than Mirai because it can “evolve” to exploit vulnerabilities as they are discovered. With the Mirai botnet pretty much taking down the internet with its previous attacks, it is vital that the world prepares to face this new and potent threat. This could be the calm before all hell breaks loose.

APT 28 is on the Hunt – The infamous cyber espionage group APT 28 (aka Fancy Bear) is on the hunt, attempting to exploit CVE-2017-11292, a Flash Player zero-day vulnerability, before the majority of companies update their systems. Current data suggests they are targeting State departments and the private sector aerospace industry with spear-phishing campaigns. Evidence also points to a rushed and sloppy effort, as the assembled exploit reuses code from past attacks. CVE-2017-11292 was discovered by Kaspersky researchers when a Middle Eastern cyber espionage group called BlackOasis used it to deploy a spying toolkit called FinSpy. The attacks employ an old piece of malware called DealersChoice, an exploitation framework embedded in Office files and sent via spear-phishing emails. When the victim opens one of these booby-trapped files, DealersChoice calls out to a remote server, downloads the CVE-2017-11292 exploit code, and tries to run it on the victim’s machine.