OS & Software

Fd7e078e5bfb68a4be33cbfac76f4f70

Analyzing Desktops, Heaps, and Ransomware with Volatility

September 24, 2012 Added by:Michael Ligh

This post discusses the undocumented windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

CleanIT Project: concerns for a Global Surveillance Project

September 23, 2012 Added by:Pierluigi Paganini

I just returned from the Cyber Threat Summit in Dublin, The event revealed an alarming scenario on cyber threats, no matter if it is cybercrime, hacktivism, cyber terrorism or cyber warfare, all those share a worrying growth of attacks that are influencing our digital lives...

Comments  (1)

Ca77c9128684f4263450c6d728107608

Sophos is the Lamest Virus Ever...

September 21, 2012 Added by:Damion Waltermeyer

Starting September 19, Sophos successfully became the lamest virus ever. An update put out by their auto-update service has rendered many machines across the world useless. This update detected false positives and deleted or quarantined them...

Comments  (0)

7366c113eb2ccd38f6bbcbd5d52a6bec

How to PWN Systems Through Group Policy Preferences

September 20, 2012 Added by:Jeff McCutchan

All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...

Comments  (0)

Fd7e078e5bfb68a4be33cbfac76f4f70

Detecting Window Stations and Clipboard Monitoring Malware with Volatility

September 19, 2012 Added by:Michael Ligh

Explore undocumented windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

State-Sponsored Attacks or Not? That's the Question...

September 18, 2012 Added by:Pierluigi Paganini

Despite the use of cyber weapons and the damage caused by offensive operations being major concerns for intelligence agencies, clues are frequently discovered about attacks designed to steal sensitive information and intellectual property. Who is behind these cyber attacks?

Comments  (0)

Fd7e078e5bfb68a4be33cbfac76f4f70

Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by:Michael Ligh

Learn about the undocumented windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Microsoft Disrupts Nitol Botnet: Malware Hidden in Supply Chain

September 16, 2012 Added by:Pierluigi Paganini

Cybercriminals are exploiting a new way to spread malware by preloading malicious code inside counterfeit software deployed in computers that are offered for sale. To give you an idea of the phenomenon, 20% of the PCs researchers bought from an unsecure supply chain were infected with malware...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Elderwood Project: Who is Behind Aurora and Ongoing Attacks?

September 10, 2012 Added by:Pierluigi Paganini

The attacks appeared to be originated in China and aimed at dozens of other organizations who were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Three Days of The Condor... With Malware

September 07, 2012 Added by:Infosec Island Admin

Pandora’s box has been opened. All the players are taking the field, and many of them may not be ready to play a proper game… Shamoon did it’s thing, but it seems to be more a brute force tool than an elegant piece of code and a slick plan. The blowback though is yet to be determined...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

As BYOD Trend Grows So Do Malware Attacks

September 06, 2012 Added by:Bill Gerneglia

The report found that the majority of employee’s devices did not have any form of security software loaded nor were company materials protected. The new report provides detailed assessments of the mobile security threat and the growing market for security solutions...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

2012 Norton Cybercrime Report Presents a Worrisome Scenario

September 06, 2012 Added by:Pierluigi Paganini

With 556 million of victims per year, 2 of 3 adults have been victims of online crime in their lifetime, with a total economic loss of 110 Billion and an average cost per victim of $197. The trend demonstrates the need to put in place a massive awareness campaign...

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

The Dutch and the Dorifel

August 27, 2012 Added by:Don Eijndhoven

XDocCrypt/Dorifel is a new trojan that encrypts executables, Excel- and Word files that it finds on USB drives and network disks, causing companies to come to a grinding halt after infection. What worries me most is it’s being delivered by systems previously infected with the Citadel/Zeus trojan...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Crisis Malware Threatens Virtualized Environments

August 24, 2012 Added by:Pierluigi Paganini

Crisis Malware is an agent used to spy on victims by intercepting communications, and it is able to open a backdoor on the infected host once the user executes a JAR file made to look like an Adobe Flash Installer. The malware has been developed for several OSs, and a Mac version has been isolated...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Shamoon Malware: Cyber Espionage Tool or Cyber Weapon

August 20, 2012 Added by:Pierluigi Paganini

Many hypotheses have been proposed, and some experts are convinced that Shamoon is a new state sponsored malware designed for cyber espionage that is also able to destroy the victims' device, perhaps to hide its operations by deleting evidence that can link the agents to the Command & Control servers...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

Attack with Power... Point That Is

August 16, 2012 Added by:f8lerror

There have been all kinds of document attacks, but what about PowerPoint? It turns out that PowerPoint makes it easy for an attacker to turn innocent slideshows into a nasty little attack. The attack involves four simple steps: Make a slideshow, make an action, rename the file and distribute it. Here's how...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »
Most Liked