Bots and botnets in 2018
...of the botnet under the control of a C&C center. The malware on the infected device receives a command from C&C containing the target mask (for example, the URL of... more…Diving Deep into Mayhem
...to the malware for the module to process. The contents of these argument strings depend on the loaded module, but usually contain at least a target domain or URL for... more…Can Online Dating Apps be Used to Target Your Company?
...of Fish, Jdate, OKCupid, Grindr, Coffee meets Bagel, and LoveStruck. The first stage of our research seeks to answer these main questions: Given a known target (e.g., company executive, head... more…Following the Trail of BlackTech’s Cyber Espionage Campaigns
...files Open remote Shell Upload target file Execute applications via ShellExecute API Delete target file PLEAD also uses the document-targeting exfiltration tool DRIGO, which mainly searches the infected machine for... more…Perl-Based Shellbot Looks to Target Organizations via C&C
...understand how the initial exploit on the first server worked, we also found configuration files of the hackers’ toolset that allowed them to target organizations through DoS and SSH brute... more…ProjectSauron: top level cyber-espionage platform covertly extracts encrypted government comms
...extremely advanced actors in order to avoid repeating their mistakes. For example, all artifacts are customized per given target, reducing their value as indicators of compromise for any other victim.... more…Kaspersky Security Bulletin 2018. Top security stories
...a sophisticated cyber-espionage platform that has been used to target victims in the Middle East and Africa since 2012. We discovered this threat – which rivals Regin and ProjectSauron in... more…Was "Metadata" leaked in the Target breach?
...The Target data breach has been big news ever since Brian Krebs broke the story several weeks ago. And our analysts have been investigating the related malware samples, all... more…Dnsmasq: A Reality Check and Remediation Practices
...First of all, all of the vulnerabilities (CVE-2017-14491 to 14496) assume the attacker is remote to the target device, which means that the attacker only needs to be able to... more…IT threat evolution Q1 2019
...arsenal – the first time that we have observed a well-known APT threat actor deploy malware with this compiled open-source language. Zebrocy continues to target government-related organizations in Central Asia,... more…Infected Cryptocurrency-Mining Containers Target Docker Hosts With Exposed APIs, Use Shodan to Find Additional Victims
...it is added to a list (iplist.txt file), which is further sorted for unique IPs. It also checks if the target host already has an existing cryptocurrency-mining container running, which... more…The Need for Better Built-in Security in IoT Devices
...the same upper hand. Prerequisites for an Attack on IoT Devices Regardless of the target IoT device, attackers make use of several elements when launching an attack. In any scenario,... more…Many Pieces of a Puzzle: Target, Neiman Marcus and Website Hacking
...media over the last few weeks because of a couple of large-scale credit card events at both Target and Neiman Marcus. For the average person, website security and credit card... more…OSX Malware Linked to Operation Emmental Hijacks User Network Traffic
...other is a .docx file used to target Windows operating systems using WERDLOD. Both of these samples work as Banking Trojans and provide similar functionalities. Some examples of the files... more…What Is Ransomware and Who Does It Target?
...clear that ransomware has grown to be rampant, but who, exactly, is it going after these days? Who it targets Hospitals. The biggest and most saddening target for ransomware attacks... more…New Open Source Ransomware Based on Hidden Tear and EDA2 May Target Businesses
...references, KaoTear, POGOTEAR, and FSociety have other similarities. For one, they target almost the same file types to encrypt: *.txt, *.doc, *.docx, *.xls, *.xlsx, *.ppt, *.pptx, *.odt, *.jpg, *.png, *.csv,... more…Kam dál?
- Vodafone to build infosec centre with DiData and FireEye
- Android Botnet Uses Twitter for Receiving Commands
- Security blogger Graham Cluley’s website suffers DDoS attack
- Tweet “#MansionParty,” get one #SpectacularlyTrashedMansion
- YouTube to crack down on inappropriate videos targeting kids
- PLEAD Targeted Attacks Against Taiwanese Government Agencies
- How IT Departments Can Manage The Security Skills Shortage
- IBM Adds New Service to Cloud Identity Offering
- Samsung promises fix for vulnerability in Android devices
- How we may’ve made Friday’s massive internet outage worse