Blog Posts Tagged with "malware"

Ca77c9128684f4263450c6d728107608

Sophos is the Lamest Virus Ever...

September 21, 2012 Added by:Damion Waltermeyer

Starting September 19, Sophos successfully became the lamest virus ever. An update put out by their auto-update service has rendered many machines across the world useless. This update detected false positives and deleted or quarantined them...

Comments  (0)

Fd7e078e5bfb68a4be33cbfac76f4f70

Detecting Window Stations and Clipboard Monitoring Malware with Volatility

September 19, 2012 Added by:Michael Ligh

Explore undocumented windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

State-Sponsored Attacks or Not? That's the Question...

September 18, 2012 Added by:Pierluigi Paganini

Despite the use of cyber weapons and the damage caused by offensive operations being major concerns for intelligence agencies, clues are frequently discovered about attacks designed to steal sensitive information and intellectual property. Who is behind these cyber attacks?

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

FireEye Advanced Threat Report: The Inadequacy of Defenses

September 12, 2012 Added by:Pierluigi Paganini

The security firm FireEye has released an interesting report that provides an overview of the current threat landscape, evolving malware, advanced persistent threat (APT) tactics, and the level of infiltration seen in organizations’ networks today. The report presents an alarming scenario ...

Comments  (0)

924ce315203c17e05d9e04b59648a942

There is No Need for a Cybersecurity Executive Order

September 11, 2012 Added by:Richard Stiennon

Forcing utility operators, banks, and earth resources companies to comply with frameworks based on outmoded asset and vulnerability methodologies will distract them from implementing threat based defenses. The Executive Order, if issued, will do much more harm than good...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

Elderwood Project: Who is Behind Aurora and Ongoing Attacks?

September 10, 2012 Added by:Pierluigi Paganini

The attacks appeared to be originated in China and aimed at dozens of other organizations who were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Three Days of The Condor... With Malware

September 07, 2012 Added by:Infosec Island Admin

Pandora’s box has been opened. All the players are taking the field, and many of them may not be ready to play a proper game… Shamoon did it’s thing, but it seems to be more a brute force tool than an elegant piece of code and a slick plan. The blowback though is yet to be determined...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

As BYOD Trend Grows So Do Malware Attacks

September 06, 2012 Added by:Bill Gerneglia

The report found that the majority of employee’s devices did not have any form of security software loaded nor were company materials protected. The new report provides detailed assessments of the mobile security threat and the growing market for security solutions...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Research Sheds Light on New Surveillance Apps for Smartphones

September 04, 2012 Added by:Electronic Frontier Foundation

The FinSpy Mobile analysis will allow vulnerable and at-risk users to better understand the threat of government surveillance and make better judgements to protect their security and privacy. This software is sophisticated and powerful...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Shamoon - DistTrack Malware

August 30, 2012 Added by:Infosec Island Admin

W32.DistTrack, also known as “Shamoon,” is an information-stealing malware that also includes a destructive module. Shamoon renders infected systems useless by overwriting the Master Boot Record (MBR), the partition tables, and most of the files with random data. Once overwritten, the data are not recoverable...

Comments  (0)

296634767383f056e82787fcb3b94864

Who's Responsible for the Saudi Aramco Network Attack?

August 28, 2012 Added by:Jeffrey Carr

Iran is at the center of every significant aspect of this attack. It is the only nation with access to the original Wiper virus from which Shamoon was copied. Perhaps Iran has learned something from Russia about the strategy of misdirection via the government's recruitment of patriotic hackers...

Comments  (4)

03b2ceb73723f8b53cd533e4fba898ee

U.S. Admits to Cyber Attacks: The Future of Conflict

August 28, 2012 Added by:Pierluigi Paganini

“As a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact... I was able to get inside his nets, infect his command-and-control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations...”

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

The Dutch and the Dorifel

August 27, 2012 Added by:Don Eijndhoven

XDocCrypt/Dorifel is a new trojan that encrypts executables, Excel- and Word files that it finds on USB drives and network disks, causing companies to come to a grinding halt after infection. What worries me most is it’s being delivered by systems previously infected with the Citadel/Zeus trojan...

Comments  (1)

296634767383f056e82787fcb3b94864

Lessons for CEOs from the Saudi Aramco Breach

August 27, 2012 Added by:Jeffrey Carr

Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...

Comments  (1)

86d8831c7ce6fcda920aac867a984d98

Ghost USB Honeypot: Interview with Project Leader Sebastian Poeplau

August 27, 2012 Added by:InfoSec Institute

Ghost is a honeypot for detecting malware that spreads via USB devices. It first tries to emulate a USB thumb drive. If the malware identifies it as a USB thumb drive, it will trick the malware into infecting it. Ghost then looks for write based requests on the drive, which is an indication of a malware...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Crisis Malware Threatens Virtualized Environments

August 24, 2012 Added by:Pierluigi Paganini

Crisis Malware is an agent used to spy on victims by intercepting communications, and it is able to open a backdoor on the infected host once the user executes a JAR file made to look like an Adobe Flash Installer. The malware has been developed for several OSs, and a Mac version has been isolated...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »