Resurrection Of The Evil Miner
Dr. Fahim Abbasi, Dr. Farrukh Shahzad, Umair Ali Zafar, Safwan Khan and Hasib Latif, Threat Research
At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME (inline frame) – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate source and display it within the main web page – embedded in a PE binary (Portable Executable Binary, or .exe). ...
Monday, 27 Jun 2016

RansomWeb Attacks Are Five Times More Common in 2016
Catalin Cimpanu, Softpedia
RansomWeb attacks are happening five times more frequently in 2016, compared to 2015, security firm High-Tech Bridge is reporting, based on activity seen on its security products in the past six months. ...
Thursday, 23 Jun 2016

'It's High Noon': Blizzard authentication servers fall offline
Steve Ragan, Salted Hash - Top Security News (CSO Blog)
Early Monday morning, gaming giant Blizzard had server issues, which led to authentication lockouts for gamers attempting to access Overwatch, Hearth Stone, World of Warcraft, Diablo, Heroes of the Stone, and more. ...
Thursday, 23 Jun 2016

Black-Hat uses SQL injection to your site to boost their SEO ranking
SC Magazine
Instead of stealing your data, a criminal-run bot-net is using SQL injection to insert hidden links to boost the SEO of their own dodgy sites. ...
Thursday, 23 Jun 2016

VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format
Virus Bulletin
Recently, a new trend has emerged in non-Windows DDoS attacks. Malware has evolved into complex and relatively sophisticated pieces of code, employing compression, advanced encryption and even rootkit capabilities. Machines running systems supporting the ELF format are targeted – meaning that anything from desktops and servers to IoT devices such as routers or digital video recorders (DVRs) are at risk. ...
Thursday, 23 Jun 2016

Lurk Banker Trojan: Exclusively for Russia
Alexey Shulmin and Mikhail Prokhorenko, SecureList (Kaspersky Lab Blog)
One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don’t use compatriots to launder money.”
Wednesday, 22 Jun 2016

Buggy Russian Ransomware Inadvertently Allows Free Decryption
Rommel Abraham D Joven, Security Research (Fortinet Blog)
Fortinet recently encountered a new ransomware variant that targets a Russian-speaking audience. The file is hosted on a Russian file hosting site, and is likely propagated via drive-by download. It encrypts files and appends the extension with crypt38. ...
Wednesday, 22 Jun 2016

Banking Trojans as a Service—Theft Made Easy in Brazil
Trend Micro, TrendLabs Security Intelligence Blog
As a known banking Trojan center, it’s not surprising when Brazil’s cybercriminals launch what could be considered “banking Trojans as a service.” In this particular case, a skilled cybercriminal started offering a fully functional banking Trojan and its associated infrastructure for rent, to be used by less-skilled crooks. ...
Wednesday, 22 Jun 2016

New Sofacy Attacks Against US Government Agency
Robert Falcone and Bryan Lee, Unit 42 (Palo Alto blog)
The Sofacy group, also known as APT28, is a well-known threat group that frequently conducts cyber espionage campaigns. Recently, Unit 42 identified a spear phishing e-mail from the Sofacy group that targeted the United States government. The e-mail was sent from a potentially compromised account belonging to the Ministry of Foreign Affairs of another government entity and carried the Carberp variant of the Sofacy Trojan. ...
Wednesday, 22 Jun 2016

Say No to Ransomware With These Trend Micro Free Tools
TrendLabs Security Intelligence Blog (Trend Micro)
Trend Micro has released free tools—Trend Micro Crypto-Ransomware File Decryptor Tool and Trend Micro Lock Screen Ransomware Tool–to help users and organizations fight back against the dangers that ransomware poses. ...
Wednesday, 08 Jun 2016

Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia