
 

Buckeye group used Equation Group tools pre-Shadow Brokers

Symantec Threat Intelligence: Buckeye attack group used Equation Group tools pre-Shadow Brokers leak

Today, Symantec released new research revealing the Buckeye (aka APT3 and Gothic Panda) attack group was using Equation Group tools to gain persistent access to target organisations at least a year prior to the Shadow Brokers leak. The variants of the Equation Group tools used by Buckeye appear to be newer and modified compared to those released by Shadow Brokers.

This marks the first time Symantec has seen a case—long referenced in theory—of an attack group recovering otherwise unknown exploits and tools used against them to subsequently attack others.

Of note, Buckeye’s use of Equation Group tools also involved the exploitation of a previously unknown Windows zero-day vulnerability that Symantec discovered (which has since been patched by Microsoft).

While Buckeye appeared to cease operations in mid-2017 and three alleged members of the group were indicted by the U.S. Department of Justice in November 2017, the Equation Group tools associated with Buckeye specifically continued to be used in attacks until late 2018.

Symantec’s full research can be found here.




© Scoop Media

 
 
 