Government

Operation Sharpshooter Targets Global Nuclear, Defence, Energy, Financial Entities

11 - 18 December 2018

Researchers discovered a new global campaign dubbed Operation Sharpshooter that targets 87 nuclear, defence, energy, and financial entities across the world.
Researchers discovered a new global campaign dubbed Operation Sharpshooter that targets 87 nuclear, defence, energy, and financial entities across the world. Operation Sharpshooter uses macros-laden documents to download a first-stage in-memory implant that delivers a second-stage reconnaissance implant dubbed Rising Sun, which uses code from Lazarus Group’s Trojan Duuzer from 2015. The macros-laden documents are disseminated via Dropbox links shared over social media. Rising Sun collects data about network adapter, computer name, operating system product name from registry, username, and IP address. 

References:
[1] ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Solutioning

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence