OS & Software


Flame, miniFlame, the mystery of an ongoing cyber espionage campaign

October 16, 2012 Added by: Pierluigi Paganini

Last May the Iranian Computer Emergency Response Team (MAHER) detected new malware named Flame, also known as Flamer or Skywiper, which hit the country. Kaspersky Lab and CrySyS Lab also identified the malware, recognized as a powerful cyber espionage tool that mainly hit Windows systems in the Middle East...


Hacktivists Using Shortened Links to Hide Malware Servers

October 15, 2012 Added by: Dan Dieterle

“Most did not recognise that people using fake profiles, perhaps masquerading as school friends, could capture information and movements. Few consider the possibilities of data mining and how patterns of behaviour can be identified over time..."


What is the Dorkbot Worm That is Attacking Skype Users?

October 12, 2012 Added by: Pierluigi Paganini

What would happen if malware compromised a communication system used daily by 663 million users? Security experts have issued an alert to Skype users about an ongoing attack that tries to induce them to click a link that spreads malware...


GAO Invites FDA to Improve Information Security for Medical Devices

October 08, 2012 Added by: Pierluigi Paganini

In the last decade the number of cyber incidents related to the technologies that surround us has grown exponentially. The principal concerns relate to all those objects with an "intelligent component" that we use daily and expose on the internet for different purposes...


SMTP Dialects: How to Detect Bots Looking at SMTP Conversations

October 03, 2012 Added by: Gianluca Stringhini

We need new techniques to detect and block spam. Current techniques mostly fall into two categories: content analysis and origin analysis. Content analysis techniques look at what is being sent, and typically analyze the content of an email to see if it is indicative of spam...


PlaceRaider: 3D Visual Malware from Military Research

October 01, 2012 Added by: Pierluigi Paganini

It's known that the military sector is a privileged incubator for new technologies that in many cases are subsequently put to civil use. We have already read about software for spying on victims that is able to record communications and movements, but the Naval Surface Warfare Center in Crane, Indiana, in collaboration with researchers at Indiana University, created a new type of 'vi...


Analyzing Desktops, Heaps, and Ransomware with Volatility

September 24, 2012 Added by: Michael Ligh

This post discusses the undocumented Windows kernel data structures for desktop objects and desktop heaps. You'll see how to use memory forensics to detect recent malware including the ACCDFISA ransomware and Tigger variants...


CleanIT Project: concerns for a Global Surveillance Project

September 23, 2012 Added by: Pierluigi Paganini

I just returned from the Cyber Threat Summit in Dublin. The event revealed an alarming scenario on cyber threats; no matter if it is cybercrime, hacktivism, cyber terrorism or cyber warfare, all those share a worrying growth of attacks that are influencing our digital lives...


Sophos is the Lamest Virus Ever...

September 21, 2012 Added by: Damion Waltermeyer

Starting September 19, Sophos successfully became the lamest virus ever. An update put out by their auto-update service has rendered many machines across the world useless. This update detected false positives and deleted or quarantined them...


How to PWN Systems Through Group Policy Preferences

September 20, 2012 Added by: Jeff McCutchan

All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...


Detecting Window Stations and Clipboard Monitoring Malware with Volatility

September 19, 2012 Added by: Michael Ligh

Explore undocumented Windows kernel data structures related to window station objects and the clipboard. Detect clipboard-snooping malware using Volatility - an advanced memory forensics framework...


State-Sponsored Attacks or Not? That's the Question...

September 18, 2012 Added by: Pierluigi Paganini

Despite the use of cyber weapons and the damage caused by offensive operations being major concerns for intelligence agencies, clues are frequently discovered about attacks designed to steal sensitive information and intellectual property. Who is behind these cyber attacks?


Recovering Login Sessions, Loaded Drivers, and Command History with Volatility

September 18, 2012 Added by: Michael Ligh

Learn about the undocumented Windows kernel data structures related to RDP logon sessions, alternate process listings, and loaded drivers. See how Volatility can help you forensically reconstruct attacker command histories and full input/output console buffers...


Microsoft Disrupts Nitol Botnet: Malware Hidden in Supply Chain

September 16, 2012 Added by: Pierluigi Paganini

Cybercriminals are exploiting a new way to spread malware by preloading malicious code inside counterfeit software deployed in computers that are offered for sale. To give you an idea of the phenomenon, 20% of the PCs researchers bought from an unsecure supply chain were infected with malware...


Elderwood Project: Who is Behind Aurora and Ongoing Attacks?

September 10, 2012 Added by: Pierluigi Paganini

The attacks appeared to have originated in China and were aimed at dozens of other organizations that were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...


Three Days of The Condor... With Malware

September 07, 2012 Added by: Infosec Island Admin

Pandora’s box has been opened. All the players are taking the field, and many of them may not be ready to play a proper game… Shamoon did its thing, but it seems to be more a brute force tool than an elegant piece of code and a slick plan. The blowback though is yet to be determined...
