Research Spotlight: Ropmemu - A Framework For The Analysis Of Complex Code-Reuse Attacks

  • Wednesday, 08 Jun 2016
  • Author: Mariano Graziano, Talos (Cisco Blog)

Code-reuse attacks, such as return-oriented programming (ROP), are part of this evolution and currently present a challenge to defenders as it is an area of research that has not been studied in depth. Today, Talos releases ROPMEMU, a framework to analyze complex code-reuse attacks. In this blog post, we will identify and discuss the challenges and importance of reverse engineering these code-reuse instances. ....

Did the Clinton Email Server Have an Internet-Based Printer?

  • Wednesday, 08 Jun 2016
  • Author: Brian Krebs, KrebsOnSecurity

The Associated Press today points to a remarkable footnote in a recent State Department inspector general report on the Hillary Clinton email scandal: The mail was managed from the vanity domain “clintonemail.com.” But here’s a potentially more explosive finding: A review of the historic domain registration records for that domain indicates that whoever built the private email server for the Clintons also had the not-so-bright idea of connecting it to an Internet-based printer ....

Bug Poaching: A New Extortion Tactic Targeting Enterprises

  • Wednesday, 08 Jun 2016
  • Author: John Kuhn, Security Intelligence (IBM Blog)

Imagine a scenario in which burglars break into your home but steal nothing and don’t harm anything inside. Instead, these burglars take pictures of all your precious belongings and personal assets. Later that day, you receive a letter with copies of all these pictures and an alarming message: “If you’d like to know how we broke into your house, please pay us large sums of money.” ....

Got $90,000? A Windows 0-Day Could Be Yours

  • Wednesday, 08 Jun 2016
  • Author: Brian Krebs, KrebsOnSecurity

How much would a cybercriminal, nation state or organized crime group pay for blueprints on how to exploit a serious, currently undocumented, unpatched vulnerability in all versions of Microsoft Windows? That price probably depends on the power of the exploit and what the market will bear at the time, but here’s a look at one convincing recent exploit sales thread from the cybercrime underworld where the current asking price for a Windows-wide bug that allegedly defeats all of Microsoft’s current security defenses is USD $90,000. ...

SandJacking Attack Puts iOS Devices At Risk to Rogue Apps

  • Wednesday, 08 Jun 2016
  • Author: Michael Mimoso, Threat Post (Kaspersky Lab Blog)

Apple has yet to patch a vulnerability disclosed during last week’s Hack in the Box hacker conference in Amsterdam that allows an attacker with physical access—even on the latest versions of iOS—to swap out legitimate apps with malicious versions undetected on the device. ....

Fake Bank App Ramps Up Defensive Measures

  • Wednesday, 08 Jun 2016
  • Author: Jordan Pan, TrendLabs Security Intelligence Blog (Trend Micro)

It’s not uncommon for malware to have capabilities that protect itself. This usually consists of routines that help keep it hidden. One particular mobile malware caught our attention with its unique combination that makes its attack stealthy, and it has the capability to lock a user’s device. A similar routine was reported previously in our entry on Operation Emmental in terms of locking the victim’s phone. However, this new malware does so as a failsafe and without the use of external commands.....

Android Spyware Targets Security Job Seekers in Saudi Arabia

  • Wednesday, 08 Jun 2016
  • Author: Yukihiro Okutomi, McAfee Labs Blog

During the past few years, Intel Security Mobile Research has monitored and reported on several countries in the region and has found an alarming increase in campaigns using mobile malware for not only disruption and hacktivism but also for intelligence gathering. Today we shed light on a new campaign targeting Saudi Arabia. ...

Android Banker malware goes social

  • Wednesday, 08 Jun 2016
  • Author: Shivang Desai, ZScaler

During a regular hunt for malware, our researchers came across an interesting malicious Android app that portrayed itself as an online app for the reputable Russian bank Sberbank, which is the largest bank in Russia and Eastern Europe. ....

The OilRig Campaign: Attacks on Saudi Arabian Organizations Deliver Helminth Backdoor

  • Wednesday, 08 Jun 2016
  • Author: Robert Falcone and Bryan Lee, Unit 42 (Palo Alto Networks Blog)

In May 2016, Unit 42 observed targeted attacks primarily focused on financial institutions and technology organizations within Saudi Arabia ....

Link (.lnk) to Ransom

  • Wednesday, 08 Jun 2016
  • Author: msft-mmpc, TechNet (Microsoft Blog)

We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior. This ransom leverages removable and network drives to propagate itself and affect more users. We detect this ransomware as Ransom:Win32/ZCryptor.A. ...
