Security Firm Redefines APT: African Phishing Threat

  • Monday, 08 Jun 2015
  • Author: Brian Krebs, Krebsonsecurity

I wanted to know if I was alone in finding fault with the root9B report, so I reached out to Jaime Blasco, vice president and chief scientist at AlienVault — one of the security firms that first published the initial findings on the Sofacy/APT28 group back in October 2014


Attack Gains Foothold Against East Asian Government Through “Auto Start”

  • Monday, 08 Jun 2015
  • Author: Dove Chiu, Security Intelligence Blog (Trend Micro)

East Asian government agencies came under siege when attackers targeted several servers within their networks. The said attackers, who showed familiarity and in-depth knowledge of their agencies’ network topology, tools, and software, were able to gain access to their targeted servers and install malware.


United Airlines bug bounty program

  • Friday, 05 Jun 2015
  • Author: United Airlines Website

Bugs that are eligible for submission: Authentication bypass Bugs on customer-facing websites such as: united.com beta.united.com ......


Silent Google Forces Security Firm to Release PoC Exploits for Google App Engine

  • Friday, 05 Jun 2015
  • Author: Ionut Ilascu, Softpedia

A security company disclosed to the public on Friday code for exploiting several vulnerabilities in Google App Engine (GAE) for Java that would allow an attacker complete Java VM security sandbox escape.


'Home-brewed' encryption scheme opens millions of smart meters to hacking, warn researchers

  • Friday, 05 Jun 2015
  • Author: Fred Donovan, fierceitsecurity Blog

The researchers--Phillip Jovanovic of the University of Passau in Germany and Samuel Neves of the University of Coimbra in Portugal--explained that the standard developed by OSGP is a mixture of RC4 and a "home-brewed" message authentication code (MAC) called OMA Digest.


Meet the Pezão Trojan: Brazil’s Got Malware

  • Thursday, 04 Jun 2015
  • Author: Limor Kessem, Security Intelligence Blog

Local malicious code is known for a number of typical traits, but most of all for being programmed in Delphi — a rather simplistic approach to create rather simplistic Trojans. Because of that, Brazil has hardly any defined malware families, in the classic sense, with each iteration but a minor customization of something that was used many times before.


Bublik Trojan – Variant Evolves with New Features

  • Thursday, 04 Jun 2015
  • Author: Raashid Bhat, iSight Partners

iSIGHT Partners has been tracking the development of the Bublik downloader trojan and recently discovered a new variant with more complex features. Based on what we have seen, it appears to use spam and the Nuclear Exploit Kit as a method of distribution.


Computer Criminals Brought to Justice – Randall Charles Tucker

  • Thursday, 04 Jun 2015
  • Author: David Bisson

We now report on the story of Randall Charles Tucker, a serial distributed denial of service (DDoS) attacker who targeted the websites of government authorities whom he felt were guilty of unjust behavior.


SPEAR: A Threat Actor Resurfaces

  • Thursday, 04 Jun 2015
  • Author: Jon Gross, Cylance Blog

Several months ago I examined a malware-tainted Word document titled “ISIS_twitter_list.doc.” I didn’t think much of it and quickly moved on after a cursory analysis.


APT28 Targets Financial markets: zero day hashes released

  • Thursday, 04 Jun 2015
  • Author: mediafire/root9b

Sofacy, Sednit, Sourface, APT-28, and a host of other names are all used to describe this particularly prolific and superbly talented group of Russian hackers, which has strongly suspected ties to Russian intelligence services.


National Internet Traffic Monitoring

National internet traffic monitoring reports, presenting weekly, monthly and yearly traffic reports.

Security Threat & System Vulnerability Alerts

A collection of articles on early warnings of security threats and system vulnerabilities.

Security News

A collection of news about cyber or IT security.

Incident Reports

Id-SIRTII/CC receives incident reports from the public and then coordinates with the relevant parties.