Irongate ICS Malware: Nothing To See Here...Masking Malicious Activity On Scada SystemsJosh Homan, Sean McBride, Rob Caldwell, Threat Research Blog (FireEye)In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering (FLARE) team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE. ....Selasa, 07 Jun 2016
FastPOS: Quick and Easy Credit Card TheftTrendLabs Security Intelligence Blog (Trend Micro)FastPOS is designed to immediately exfiltrate any stolen card data, instead of storing it locally in a file and periodically sending it to the attackers. This suggests that it may have been designed to target situations with a much smaller network environment. .....Selasa, 07 Jun 2016
DRIDEX Poses as Fake Certificate in Latest Spam RunMichael Casayuran, Rhena Inocencio and Jay Yaneza, TrendLabs Security Intelligence Blog (Trend MicroAt a glance, it seems that DRIDEX has dwindled its activities or operation, appearing only for a few days this May. This is quite unusual given that in the past five months or so, this prevalent online banking threat has always been active in the computing landscape. .....Selasa, 07 Jun 2016
CryptXXX updated to version 3.0, Decryptors no longer WorkLawrence Abrams, Bleeping ComputerOn May 21st, the developers behind the CryptXXX ransomware updated their code to version 3.0 in order to stop Kaspersky's RannohDecryptor from decrypting files for free. Unfortunately, it appears that this update has also had the unintended consequence of breaking the malware developers decryptor. ....Selasa, 07 Jun 2016
Crouching Tiger, Hidden DNSWeLiveSecurity (ESET Blog)One particularly noteworthy issue we are seeing is an interesting DNS hijack that sets the victim’s computer to use specific DNS servers. ....Selasa, 07 Jun 2016
Cybercriminals add DDoS component to ransomware payloadsHelp Net SecurityInstead of just encrypting data files on a workstation (plus any network drive it can find) and locking the machine, a new variant of the Cerber ransomware is now adding a DDoS bot that can quietly blast spoofed network traffic at various IPs, according to KnowBe4. ....Selasa, 07 Jun 2016
New Wekby Attacks Use DNS Requests As Command and Control MechanismJosh Grunzweig, Mike Scott and Bryan Lee, Unit42 (Paloalto Networks Blog)We have observed an attack led by the APT group Wekby targeting a US-based organization in recent weeks. Wekby is a group that has been active for a number of years, targeting various industries such as healthcare, telecommunications, aerospace, defense, and high tech. ....Selasa, 07 Jun 2016
Operation Ke3chang Resurfaces With New TidePool MalwareMicah Yates, Mike Scott, Brandon Levene, Jen Miller-Osborn and Tom Keigher, Unit42 (Paloalto NetworkLittle has been published on the threat actors responsible for Operation Ke3chang since the report was released more than two years ago. However, Unit 42 has recently discovered the actors have continued to evolve their custom malware arsenal. We’ve discovered a new malware family we’ve named TidePool. ....Selasa, 07 Jun 2016
IXESHE Derivative IHEATE Targets Users in AmericaRazor Huang and CH Lei, TrendLabs Security Intelligence Blog (Trend Micro)Since 2012, we’ve been keeping an eye on the IXESHE targeted attack campaign. Since its inception in 2009, the campaign has primarily targeted governments and companies in East Asia and Germany. However, the campaign appears to have shifted tactics and is once again targeting users in the United States. ....Selasa, 07 Jun 2016
CVE-2015-2545: overview of current threatsGReAT, SecureList (Kaspersky Lab Blog)CVE-2015-2545 is a vulnerability discovered in 2015 and corrected with Microsoft’s update MS15-099. The vulnerability affects Microsoft Office versions 2007 SP3, 2010 SP2, 2013 SP1 and 2013 RT SP1. ....Selasa, 07 Jun 2016
Disclaimer | Copyright © 2013 - Id-SIRTII/CC
Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia
Member of: