Archive for the ‘Malware’ Category

CostaRicto APT: Cyber mercenaries use previously undocumented malware

CostaRicto APT is targeting South Asian financial institutions and global entertainment companies with undocumented malware. BlackBerry researchers have documented the activity of a hackers-for-hire group, dubbed CostaRicto, that has been spotted using a previously undocumented piece of malware to target South Asian financial institutions and global entertainment companies. “During the past six months, the BlackBerry Research […]


Hackers are backdooring QNAP NAS devices with 3-year old RCE bug

Hackers are scanning for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions, trying to exploit a remote code execution (RCE) vulnerability addressed by QNAP in a previous release. Source: Hackers are backdooring QNAP NAS devices with 3-year old RCE bug CISA says 62,000 QNAP NAS devices have been infected with the QSnatch malware QSnatch […]


Hacked government, college sites push malware via fake hacking tools

A large-scale hacking campaign is targeting government and university websites to host articles on hacking social network accounts that lead to malware and scams. Some of the sites targeted in this campaign belong to government sites for San Diego, Colorado, Minnesota, as well as sites for UNESCO, the National Institutes of Health (nih.gov), National […]


Maersk, me & notPetya – gvnshtn

Maersk is the world’s largest integrated shipping and container logistics company. I was massively privileged (no pun intended) to be their Identity & Access Management (IAM) Subject Matter Expert (SME), and later IAM Service Owner. Along with tens (if not hundreds) of others, I played a role in the recovery and cybersecurity response to the […]


Russian cyberspies use Gmail to control updated ComRAT malware

ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions. Source: Russian cyberspies use Gmail to control updated ComRAT malware US, UK, and Holland fighting back against Russia’s cyber attacks Russia cyber attacks: […]


Western intelligence hacked Russia’s Google Yandex to spy on accounts

Exclusive: Western intelligence hacked ‘Russia’s Google’ Yandex to spy on accounts – sources Source: Western intelligence hacked ‘Russia’s Google’ Yandex to spy on accounts


New Silex malware is bricking IoT devices, has scary plans | ZDNet

Over 2,000 devices have been bricked in the span of a few hours. Attacks still ongoing. Source: New Silex malware is bricking IoT devices, has scary plans | ZDNet How dangerous are IOT devices? | Yuval Elovici | TEDxBGU


U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert

The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the critical severity Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. Source: U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert How to check if a target is vulnerable to the new RDP vulnerability (BlueKeep). […]


A dive into Turla PowerShell usage | WeLiveSecurity

ESET researchers show how, in a bid to evade detection, the Turla group leverages PowerShell scripts to inject malware directly into memory. Source: A dive into Turla PowerShell usage | WeLiveSecurity


Stuxnet Malware Analysis

Stuxnet Malware Analysis By Amr Thabet Stuxnet videos library History of Stuxnet – Previous articles | DISC InfoSec blog What is Stuxnet, who created it and how does it work? | CSO Online GitHub – micrictor/stuxnet: Open-source decompile of Stuxnet/myRTUs Stuxnet Source Code Released Online – Download Now Stuxnet Family Tree Grows […]


Malware Analysis

Malware Analysis Malware Analysis: An Introduction – SANS.org Introduction to Malware Analysis | SANS Lenny Zeltser Five Awesome Tools to perform Behavioural Analysis of Malware Earlier posts on Malware | DISC InfoSec blog


LimeRAT spreads in the wild

Cybaze-Yoroi ZLab team spotted an interesting infection chain leveraging several techniques able to defeat traditional security defences and spread LimeRAT. Source: LimeRAT spreads in the wild 2019 State of Malware | MalwareByte Labs


How to avoid document-based malware attacks

Some 59% of all malicious files detected in the first quarter of 2019 were documents, according to a Barracuda Networks report. Here’s how to protect yourself against this growing threat. Source: How to avoid document-based malware attacks


New Rocke Group Malware Turns off Your Cloud Security Tools

A new Rocke Group malware sample “captured” and analysed by Palo Alto Networks Unit 42 has adopted code to uninstall five cloud security protection products. Source: New Rocke Group Malware Turns off Your Cloud Security Tools


Top 5 excellent Antivirus Protection of 2017

Excellence is achievable but perfection is not. Find an excellent anti-virus product based on your requirements. Malware is evolving faster than ever, so it’s encouraging to discover that the latest generation of antivirus (AV) products is better equipped to handle this evolving pace of change. Information security best practice recommends that every PC should run […]


How should an organization deal with #ransomware?

by Stephen Northcutt A question came up on the GIAC Advisory Board: “How should an organization deal with ransomware?” One of the members, Alan Waggoner, gave a good answer. All posts to that mailing list are private, so this is reposted with his permission. 1. Get reliable, tested backups of everything that is important. 2. […]


Controls against industrial Malware

Malicious software is called malware, and malware may include viruses, worms and trojans. A virus is a piece of code which is capable of replicating itself, and it mainly depends on a host file (a document) to reach its target. A worm, however, does not rely on the host file to reach the target but […]


The Rise of Malicious Traffic on Networks and How It Infects

Sophisticated malicious attacks can go largely undetected by most antivirus software. A defense-in-depth approach requires organizations to monitor for malicious activity and malware (bot traffic) at various levels of the network: the perimeter layer, the application level and subsequently the critical data level. How an end user might become infected, the obvious scenario being possibly our […]


New Stuxnet-Like Worm Discovered

By Jeff James (Twitter: @jeffjames3). In June 2010, security experts, analysts, and software providers were warning IT managers about Stuxnet, a new computer worm that was spreading rapidly over the internet. Stuxnet was distributed by Windows machines, and the intent of the worm wasn’t immediately clear. After a few months it was revealed […]


Mobile Malware

Lookout Mobile Security. By Mandira Srivastava. Do you think it is safe to access sensitive data on a mobile phone? Do you know that malware can steal valuable information from your phone? As smartphone sales are growing, the development of mobile malware, viruses that penetrate the security system of mobile devices, also increases. Mobile malware has […]
