University pays $20,000 to ransomware hackers

  • Monday, 27 Jun 2016
  • Author: BBC News

The University of Calgary transferred 20,000 Canadian dollars-worth of bitcoins ($15,780; £10,840) after it was unable to unwind damage caused by a type of attack known as ransomware. ....


The new RAA Ransomware is created entirely using Javascript

  • Monday, 27 Jun 2016
  • Author: Lawrence Abrams, Bleeping Computer

A new ransomware was discovered by security researchers @JAMES_MHT and @benkow_ called RAA that is made 100% from JavaScript. In the past we had seen a ransomware called Ransom32 that was created using NodeJS and packaged inside an executable. RAA is different, because it is not delivered via an executable, but rather is a standard JS file. ....


Slicing Into a Point-of-Sale Botnet

  • Monday, 27 Jun 2016
  • Author: Brian Krebs, KrebsOnSecurity

Over the weekend, I heard from a source who said that since November 2015 he’s been tracking a collection of hacked cash registers. This point-of-sale botnet currently includes more than 100 infected systems, and according to the administrative panel for this crime machine at least half of the compromised systems are running a malicious Microsoft Windows process called cicipos.exe. ...


Reverse-engineering DUBNIUM

  • Monday, 27 Jun 2016
  • Author: msft-mmpc, Threat Research and Response Blog (Microsoft TechNet)

We located multiple variants of multiple-stage droppers and payloads in the last few months, and although they are not really packed or obfuscated in a conventional way, they use their own methods and tactics of obfuscation and distraction ......


Resurrection Of The Evil Miner

  • Monday, 27 Jun 2016
  • Author: Dr. Fahim Abbasi, Dr. Farrukh Shahzad, Umair Ali Zafar, Safwan Khan and Hasib Latif, Threat Research

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME (inline frame) – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate source and display it within the main web page – embedded in a PE binary (Portable Executable Binary, or .exe). .....


RansomWeb Attacks Are Five Times More Common in 2016

  • Thursday, 23 Jun 2016
  • Author: Catalin Cimpanu, Softpedia

RansomWeb attacks are happening five times more frequently in 2016, compared to 2015, security firm High-Tech Bridge is reporting, based on activity seen on its security products in the past six months. ....


'It's High Noon': Blizzard authentication servers fall offline

  • Thursday, 23 Jun 2016
  • Author: Steve Ragan, Salted Hash - Top Security News (CSO Blog)

Early Monday morning, gaming giant Blizzard had server issues, which led to authentication lockouts for gamers attempting to access Overwatch, Hearth Stone, World of Warcraft, Diablo, Heroes of the Stone, and more. .....


Black-Hat uses SQL injection to your site to boost their SEO ranking

  • Thursday, 23 Jun 2016
  • Author: SC Magazine

Instead of stealing your data, a criminal-run bot-net is using SQL injection to insert hidden links to boost the SEO of their own dodgy sites. .....


VB2015 paper: DDoS Trojan: A Malicious Concept that Conquered the ELF Format

  • Thursday, 23 Jun 2016
  • Author: Virus Bulletin

Recently, a new trend has emerged in non-Windows DDoS attacks. Malware has evolved into complex and relatively sophisticated pieces of code, employing compression, advanced encryption and even rootkit capabilities. Machines running systems supporting the ELF format are targeted – meaning that anything from desktops and servers to IoT devices such as routers or digital video recorders (DVRs) are at risk. ....


Lurk Banker Trojan: Exclusively for Russia

  • Wednesday, 22 Jun 2016
  • Author: Alexey Shulmin and Mikhail Prokhorenko, SecureList (Kaspersky Lab Blog)

"One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don’t use compatriots to launder money.”
