Latest news with #Rubidium


Time of India
2 days ago
- Politics
- Time of India
'Midnight Blizzard', 'Cozy Bear' and more: How Microsoft, Google and other tech companies plan to untangle weird hacker nicknames
Microsoft, Google, CrowdStrike and Palo Alto Networks have announced that they will create a public glossary for state-sponsored hacking groups and cybercriminals. The goal is to reduce confusion caused by numerous unofficial nicknames for these entities. Microsoft and CrowdStrike expressed hopes of involving other industry partners and the US government in this effort to identify threat actors. "We do believe this will accelerate our collective response and collective defense against these threat actors," stated Vasu Jakkal, corporate vice president at Microsoft Security.

Why it matters for US government and researchers

Cybersecurity companies have long assigned coded names to hacking groups because attributing digital attacks can be difficult. Researchers need a way to track their adversaries. These names vary from functional, like "APT1" (Mandiant) or "TA453" (Proofpoint), to more colorful aliases such as "Earth Lamia" (TrendMicro) or "Equation Group" (Kaspersky). CrowdStrike's evocative names, like "Cozy Bear" for Russian hackers and "Kryptonite Panda" for Chinese groups, have been particularly popular, leading others to adopt similar styles. For example, Secureworks (now owned by Sophos) began using "Iron Twilight" for Russian hackers previously known as "TG-4127" in 2016. Microsoft also recently changed its naming convention from element-themed names like "Rubidium" to weather-themed ones such as "Lemon Sandstorm" or "Sangria Tempest."

"But the same actor that Microsoft refers to as Midnight Blizzard might be referred to as Cozy Bear, APT29, or UNC2452 by another vendor. Our mutual customers are always looking for clarity. Aligning the known commonalities among these actor names directly with peers helps to provide greater clarity and gives defenders a clearer path to action," Jakkal said.

However, the proliferation of these unique aliases has created overload. A 2016 U.S. government report on hacking attempts against the election caused confusion by using 48 different nicknames for various Russian hacking groups and malicious programs, including "Sofacy," "Pawn Storm," and "Tsar Team."

Michael Sikorski, CTO for Palo Alto's threat intelligence unit, called the initiative a "game-changer," noting, "Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity." Adam Meyers, CrowdStrike's senior vice president of Counter Adversary Operations, highlighted an early success. He reported that the initiative already helped his analysts link a group Microsoft named "Salt Typhoon" with CrowdStrike's "Operator Panda."


Time of India
3 days ago
- Time of India
'Forest Blizzard' vs 'Fancy Bear': Microsoft, Google, CrowdStrike hope to untangle weird hacker nicknames
Microsoft, CrowdStrike, Palo Alto and Alphabet's Google on Monday said they would create a public glossary of state-sponsored hacking groups and cybercriminals, in a bid to ease confusion over the menagerie of unofficial nicknames for them. Microsoft and CrowdStrike said they hoped to potentially bring other industry partners and the U.S. government into the effort to identify Who's Who in the murky world of digital espionage. "We do believe this will accelerate our collective response and collective defense against these threat actors," said Vasu Jakkal, corporate vice president, Microsoft Security. How meaningful the effort ends up being remains to be seen.

Cybersecurity companies have long assigned coded names to hacking groups, as attributing hackers to a country or an organization can be difficult and researchers need a way to describe who they are up against. Some names are dry and functional, like the "APT1" hacking group exposed by cybersecurity firm Mandiant or the "TA453" group tracked by Proofpoint. Others have more color and mystery, like the "Earth Lamia" group tracked by TrendMicro or the "Equation Group" uncovered by Kaspersky.

CrowdStrike's evocative nicknames - "Cozy Bear" for a set of Russian hackers, or "Kryptonite Panda" for a set of Chinese ones - have tended to be the most popular, and others have also adopted the same kind of offbeat monikers. In 2016, for example, the company Secureworks - now owned by Sophos - began using the name "Iron Twilight" for the Russian hackers it previously tracked as "TG-4127." Microsoft itself recently revamped its nicknames, moving away from staid, element-themed ones like "Rubidium" to weather-themed ones like "Lemon Sandstorm" or "Sangria Tempest."

But the explosion of whimsical aliases has already led to overload. When the U.S. government issued a report about hacking attempts against the 2016 election, it sparked confusion by including 48 separate nicknames attributed to a grab bag of Russian hacking groups and malicious programs, including "Sofacy," "Pawn Storm," "CHOPSTICK," "Tsar Team," and "OnionDuke."

Michael Sikorski, the chief technology officer for Palo Alto's threat intelligence unit, said the initiative was a "game-changer." "Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity," he said.

Juan Andres Guerrero-Saade, Executive Director for Intelligence and Security Research at cybersecurity firm SentinelOne, was skeptical of the effort, saying the cold reality of the cybersecurity industry was that companies hoarded information. Unless that changed, he said, "this is branding-marketing-fairy dust sprinkled on top of business realities."


NDTV
3 days ago
- Politics
- NDTV
'Forest Blizzard', 'Fancy Bear': Cyber Companies Vs Hacker Nicknames
Washington: Microsoft, CrowdStrike, Palo Alto and Alphabet's Google on Monday said they would create a public glossary of state-sponsored hacking groups and cybercriminals, in a bid to ease confusion over the menagerie of unofficial nicknames for them. Microsoft and CrowdStrike said they hoped to potentially bring other industry partners and the U.S. government into the effort to identify Who's Who in the murky world of digital espionage. "We do believe this will accelerate our collective response and collective defense against these threat actors," said Vasu Jakkal, corporate vice president, Microsoft Security. How meaningful the effort ends up being remains to be seen.

Cybersecurity companies have long assigned coded names to hacking groups, as attributing hackers to a country or an organization can be difficult and researchers need a way to describe who they are up against. Some names are dry and functional, like the "APT1" hacking group exposed by cybersecurity firm Mandiant or the "TA453" group tracked by Proofpoint. Others have more color and mystery, like the "Earth Lamia" group tracked by TrendMicro or the "Equation Group" uncovered by Kaspersky.

CrowdStrike's evocative nicknames - "Cozy Bear" for a set of Russian hackers, or "Kryptonite Panda" for a set of Chinese ones - have tended to be the most popular, and others have also adopted the same kind of offbeat monikers. In 2016, for example, the company Secureworks - now owned by Sophos - began using the name "Iron Twilight" for the Russian hackers it previously tracked as "TG-4127." Microsoft itself recently revamped its nicknames, moving away from staid, element-themed ones like "Rubidium" to weather-themed ones like "Lemon Sandstorm" or "Sangria Tempest."

But the explosion of whimsical aliases has already led to overload. When the U.S. government issued a report about hacking attempts against the 2016 election, it sparked confusion by including 48 separate nicknames attributed to a grab bag of Russian hacking groups and malicious programs, including "Sofacy," "Pawn Storm," "CHOPSTICK," "Tsar Team," and "OnionDuke."

Michael Sikorski, the chief technology officer for Palo Alto's threat intelligence unit, said the initiative was a "game-changer." "Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity," he said.

Juan-Andres Guerrero-Saade, a top researcher at the cybersecurity firm SentinelOne, was skeptical of the effort, saying the cold reality of the cybersecurity industry was that companies hoarded information. Unless that changed, he said, "this is branding-marketing-fairy dust sprinkled on top of business realities."

But CrowdStrike Senior Vice President of counter adversary operations, Adam Meyers, said the move had already delivered a win by helping his analysts connect a group Microsoft called "Salt Typhoon" with one CrowdStrike dubbed "Operator Panda."


Yahoo
3 days ago
- Business
- Yahoo
'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames
By Raphael Satter, AJ Vicens

WASHINGTON (Reuters) - Microsoft, CrowdStrike, Palo Alto and Alphabet's Google on Monday said they would create a public glossary of state-sponsored hacking groups and cybercriminals, in a bid to ease confusion over the menagerie of unofficial nicknames for them. Microsoft and CrowdStrike said they hoped to potentially bring other industry partners and the U.S. government into the effort to identify Who's Who in the murky world of digital espionage. 'We do believe this will accelerate our collective response and collective defense against these threat actors,' said Vasu Jakkal, corporate vice president, Microsoft Security. How meaningful the effort ends up being remains to be seen.

Cybersecurity companies have long assigned coded names to hacking groups, as attributing hackers to a country or an organization can be difficult and researchers need a way to describe who they are up against. Some names are dry and functional, like the 'APT1' hacking group exposed by cybersecurity firm Mandiant or the 'TA453' group tracked by Proofpoint. Others have more color and mystery, like the 'Earth Lamia' group tracked by TrendMicro or the 'Equation Group' uncovered by Kaspersky.

CrowdStrike's evocative nicknames - 'Cozy Bear' for a set of Russian hackers, or 'Kryptonite Panda' for a set of Chinese ones - have tended to be the most popular, and others have also adopted the same kind of offbeat monikers. In 2016, for example, the company Secureworks - now owned by Sophos - began using the name "Iron Twilight" for the Russian hackers it previously tracked as "TG-4127." Microsoft itself recently revamped its nicknames, moving away from staid, element-themed ones like 'Rubidium' to weather-themed ones like 'Lemon Sandstorm' or 'Sangria Tempest.'

But the explosion of whimsical aliases has already led to overload. When the U.S. government issued a report about hacking attempts against the 2016 election, it sparked confusion by including 48 separate nicknames attributed to a grab bag of Russian hacking groups and malicious programs, including 'Sofacy,' 'Pawn Storm,' 'CHOPSTICK,' 'Tsar Team,' and 'OnionDuke.'

Michael Sikorski, the chief technology officer for Palo Alto's threat intelligence unit, said the initiative was a 'game-changer.' 'Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity,' he said.

Juan-Andres Guerrero-Saade, a top researcher at the cybersecurity firm SentinelOne, was skeptical of the effort, saying the cold reality of the cybersecurity industry was that companies hoarded information. Unless that changed, he said, "this is branding-marketing-fairy dust sprinkled on top of business realities."

But CrowdStrike Senior Vice President of counter adversary operations, Adam Meyers, said the move had already delivered a win by helping his analysts connect a group Microsoft called 'Salt Typhoon' with one CrowdStrike dubbed 'Operator Panda.'


The Star
3 days ago
- The Star
'Forest Blizzard' vs 'Fancy Bear' - cyber companies hope to untangle weird hacker nicknames
CrowdStrike logo is seen in this illustration taken July 29, 2024. REUTERS/Dado Ruvic/Illustration/File Photo

WASHINGTON (Reuters) - Microsoft, CrowdStrike, Palo Alto and Alphabet's Google on Monday said they would create a public glossary of state-sponsored hacking groups and cybercriminals, in a bid to ease confusion over the menagerie of unofficial nicknames for them. Microsoft and CrowdStrike said they hoped to potentially bring other industry partners and the U.S. government into the effort to identify Who's Who in the murky world of digital espionage. 'We do believe this will accelerate our collective response and collective defense against these threat actors,' said Vasu Jakkal, corporate vice president, Microsoft Security. How meaningful the effort ends up being remains to be seen.

Cybersecurity companies have long assigned coded names to hacking groups, as attributing hackers to a country or an organization can be difficult and researchers need a way to describe who they are up against. Some names are dry and functional, like the 'APT1' hacking group exposed by cybersecurity firm Mandiant or the 'TA453' group tracked by Proofpoint. Others have more color and mystery, like the 'Earth Lamia' group tracked by TrendMicro or the 'Equation Group' uncovered by Kaspersky.

CrowdStrike's evocative nicknames - 'Cozy Bear' for a set of Russian hackers, or 'Kryptonite Panda' for a set of Chinese ones - have tended to be the most popular, and others have also adopted the same kind of offbeat monikers. In 2016, for example, the company Secureworks - now owned by Sophos - began using the name "Iron Twilight" for the Russian hackers it previously tracked as "TG-4127." Microsoft itself recently revamped its nicknames, moving away from staid, element-themed ones like 'Rubidium' to weather-themed ones like 'Lemon Sandstorm' or 'Sangria Tempest.'

But the explosion of whimsical aliases has already led to overload. When the U.S. government issued a report about hacking attempts against the 2016 election, it sparked confusion by including 48 separate nicknames attributed to a grab bag of Russian hacking groups and malicious programs, including 'Sofacy,' 'Pawn Storm,' 'CHOPSTICK,' 'Tsar Team,' and 'OnionDuke.'

Michael Sikorski, the chief technology officer for Palo Alto's threat intelligence unit, said the initiative was a 'game-changer.' 'Disparate naming conventions for the same threat actors create confusion at the exact moment defenders need clarity,' he said.

Juan-Andres Guerrero-Saade, a top researcher at the cybersecurity firm SentinelOne, was skeptical of the effort, saying the cold reality of the cybersecurity industry was that companies hoarded information. Unless that changed, he said, "this is branding-marketing-fairy dust sprinkled on top of business realities."

But CrowdStrike Senior Vice President of counter adversary operations, Adam Meyers, said the move had already delivered a win by helping his analysts connect a group Microsoft called 'Salt Typhoon' with one CrowdStrike dubbed 'Operator Panda.'

(Reporting by Raphael Satter, editing by Chris Sanders and Deepa Babington)