The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
https://thecyberwire.com/podcasts/daily-podcast
episode 265: Billbug infests government agencies. [Research Saturday]
Brigid O. Gorman from Symantec's Threat Hunter Team joins Dave to discuss their report "Billbug - State-sponsored Actor Targets Cert Authority and Government Agencies in Multiple Asian Countries." The team has discovered that state-sponsored actors compromised a digital certificate authority in an Asian country during a campaign in which multiple government agencies were also targeted.
The research states they believe Billbug, which is a long-established advanced persistent threat (APT) group has been active since about 2009. They say "In activity documented by Symantec in 2019, we detailed how the group was using a backdoor known as Hannotog (Backdoor.Hannotog) and another backdoor known as Sagerunex (Backdoor.Sagerunex). Both these tools were also seen in this more recent activity."
The research can be found here:
- Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries
Learn more about your ad choices. Visit megaphone.fm/adchoices