OS & Software
Shamoon Malware: Cyber Espionage Tool or Cyber Weapon
August 20, 2012 Added by:Pierluigi Paganini
Many hypotheses have been proposed, and some experts are convinced that Shamoon is a new state sponsored malware designed for cyber espionage that is also able to destroy the victims' device, perhaps to hide its operations by deleting evidence that can link the agents to the Command & Control servers...
Comments (0)
Attack with Power... Point That Is
August 16, 2012 Added by:f8lerror
There have been all kinds of document attacks, but what about PowerPoint? It turns out that PowerPoint makes it easy for an attacker to turn innocent slideshows into a nasty little attack. The attack involves four simple steps: Make a slideshow, make an action, rename the file and distribute it. Here's how...
Comments (0)
Pro-Syrian Hackers Target Activists with Fake Anti-Hacking Tool
August 16, 2012 Added by:Electronic Frontier Foundation
The latest malware campaign plays into users' concerns about protecting their security by offering a fake security tool called AntiHacker, which promises to provide "Auto-Protect & Auto-Detect & Security & Quick scan and analyzing." AntiHacker instead installs a remote access tool called DarkComet RAT...
Comments (0)
Giving Aid and Comfort to the Enemy
August 16, 2012 Added by:
Why do the likes of McAfee, Symantec, TrendMicro, Microsoft and Bitdefender publish reverse engineering code examples and analysis on cyber espionage and sabotage tools which serve to delay, disrupt, deny, and deceive our enemies from developing nuclear weapons? This is giving aid and comfort to the enemy...
Comments (11)
Tackling Modern Malware
August 15, 2012 Added by:Simon Heron
With conventional antivirus products, their signature bases are never completely up to date. When a new infection emerges, it simply roams freely across all endpoints. Conversely, WSA leverages behavioural monitoring to pick up infections when it isn’t sure whether a file is malicious or not...
Comments (0)
FinFisher: The Cyber Espionage Tool Found Everywhere
August 15, 2012 Added by:Pierluigi Paganini
FinFisher is a powerful cyber espionage agent developed by the Gamma Group that is able to secretly spy on a target's computers, intercepting communications, recording every keystroke and taking complete control of the host. The spyware was developed for law enforcement and government use...
Comments (0)
Fighting Threats in the Age of Cyberwar
August 14, 2012
ICSA Labs Chief Emerging Threat Researcher Roger Thompson discusses security challenges in the face of ever-evolving cyber threats in the wild. Thompson is a pioneer in combating malware. In 1987, he created Australia’s first anti-virus program after recognizing a trend in malware lifecycles...
Comments (0)
Gauss Malware and Shadow Warfare
August 14, 2012 Added by:Joel Harding
The International Telegraph Union is the world’s telecommunication governing body. The United States is actively resisting them as the governing body. With Kaspersky’s Gauss discovery, the United States’ argument grows weaker. The US recognizes the advantage it has by having de facto control over the internet...
Comments (0)
Gauss: Evidence of Ongoing Cyberwar and Espionage Campaigns
August 13, 2012 Added by:Pierluigi Paganini
Gauss collects network interface information, BIOS characteristics and computer drive details. Many ignore the aspect of modularity of the agent which may receive supplementary modules developed using the info acquired directly on the targets to conduct attacks against critical infrastructure...
Comments (0)
Malware Wars! Cyber-Wars! Cyber-Espionage-Wars! Oh My...
August 11, 2012 Added by:Scot Terban
We have opened Pandora’s box and there is no way to get what has escaped back in. We have given the weapon framework away due to the nature of the carrier. Even if Gauss is encrypted, it will be broken and then what? Unlike traditional weapons that destroy themselves, the malware we have sent can be reverse engineered...
Comments (0)
State Sponsored Malware Takes Over Mars Rover
August 10, 2012 Added by:J. Oquendo
Many companies will omit many details and shift-slash-skew agendas to meet their concerns. Those concerns will ALWAYS be financial ones. At this point it is obvious that they and only they are capable of detecting the unseen, unheard of, undetectable, uberfilthware capable of infecting Curiosity on Mars...
Comments (1)
FBI and IC3 Issue Advisory on Reveton Ransomware
August 10, 2012 Added by:Headlines
Reveton is drive-by malware and, unlike many viruses which activate when users open a file or attachment, Reveton can install itself when users simply click on a compromised website. Once infected, the computer immediately locks, and the monitor displays a screen stating there has been a violation of federal law...
Comments (0)
Remote Forensics Trojans, Surveillance and Investigations
August 07, 2012 Added by:Pierluigi Paganini
Thus the problem of acquisition using RFS tools is that not only is the original source (the computer) not subjected to seizure, it is not in a static environment and can be manipulated. Evidence obtained from an unsecured system can always be subject to a challenge to its authenticity and reliability...
Comments (0)
What it Takes to Create Intelligence for a Stuxnet, Flame or Duqu
August 06, 2012
Stuxnet, Flame, Duqu and Mahdi are but payloads of overall programs designed through the work of intelligence. The news, anti-virus firms, managed security companies and consultancies all focus on the malware and the code. They are missing the big picture...
Comments (0)
Rakshasa: Is it Possible to Design the Perfect Hardware Backdoor?
August 01, 2012 Added by:Pierluigi Paganini
Rakshasa malware infects the host’s BIOS and takes advantage of a vulnerable aspect of traditional architecture, as peripherals like network cards or sound cards can write to the computer’s RAM or to portions of the memory allocated to any of the other peripherals. It is hard to detect, and quite impossible to remove...
Comments (5)
NIST Draft Guide to Malware Incident Prevention and Handling
July 31, 2012
This publication provides recommendations for improving an organization’s malware incident prevention measures. It also gives extensive recommendations for enhancing an organization’s existing incident response capability so that it is better prepared to handle malware incidents, particularly widespread ones...
Comments (0)