Anonymous Attacks North Carolina Websites over Controversial Anti-LGBT Law
Catalin Cimpanu, Softpedia
Members associated with the Anonymous movement have launched DDoS attacks against several North Carolina government online portals as a method of protest against the recent House Bill 2 (HB2) that includes several clauses perceived as anti-LGBT. ...
Friday, 03 Jun 2016

Bangladesh heist linked to attack on Sony: BAE researchers
Jim Finkle, Reuters
Malicious software used in February's $81 million heist at Bangladesh Bank is linked to other cyber attacks, including the high-profile 2014 attack on Sony's Hollywood studio, according to a new report from cyber security firm BAE Systems. ...
Friday, 03 Jun 2016

Targeted Attacks Against Banks In The Middle East
Sudeep Singh and Yin Hong Chang, Threat Research Blog (FireEye)
"In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our attention since they were using unique scripts not commonly seen in crimeware campaigns. ...
Friday, 03 Jun 2016

Operation Groundbait: Espionage in Ukrainian war zones
Robert Lipovsky, WeLiveSecurity (ESET)
Cyber-surveillance focusing on separatists: The main point that sets Operation Groundbait apart from the other attacks is that it has mostly been targeting anti-government separatists in the self-declared Donetsk and Luhansk People’s Republics. ...
Friday, 03 Jun 2016

Petya Ransomware's Encryption Defeated and Password Generator Released
Lawrence Abrams, Bleeping Computer
An individual going by the Twitter handle leostone was able to create an algorithm that can generate the password used to decrypt a Petya encrypted computer. In my test, this algorithm was able to generate my key in 7 seconds ...
Thursday, 02 Jun 2016

Widespread Jboss Backdoors A Major Threat
Alexander Chiu, Talos (Cisco Blog)
Recently a large scale ransomware campaign delivering Samsam changed the threat landscape for ransomware delivery. Targeting vulnerabilities in servers to spread ransomware is a new dimension to an already prolific threat. Due to information provided from our Cisco IR Services Team, stemming from a recent customer engagement, we began looking deeper into the JBoss vectors that were used as the initial point of compromise. Initially, we started scanning the internet for vulnerable machines. This led us to approximately 3.2 million at-risk machines. ...
Thursday, 02 Jun 2016

PwnedList Shutdown Unrelated to Recent Vulnerability
Michael Mimoso, ThreatPost
“For example, say a malicious hacker wanted to gain access to a corporate email server. The attacker would pull up a report from PwnedList for that company’s domain which could contain 10,000-plus user credentials depending on the company’s size,” Hodges said. “The attacker would then use a script or utility to try and authenticate each set of credentials using the company’s public-facing email server. ...
Thursday, 02 Jun 2016

A bomb just dropped in endpoint security… and I’m not sure anyone noticed
Alex Eckelberry's Blog
VirusTotal just dropped a major bomb, and only people deep in the endpoint security ecosystem understand the ramifications of this announcement. ...
Tuesday, 31 May 2016

CBS Sports App Transmitted Data Unencrypted
Chris Brook, Threat Post (Kaspersky Lab Blog)
CBS recently fixed a vulnerability in its popular Sports application that could have exposed users to man-in-the-middle attacks and inadvertently leaked personal data. ...
Tuesday, 31 May 2016

Learning from Bait and Switch Mobile Ransomware
Jordan Pan, TrendLabs Security Intelligence Blog (Trend Micro)
We have recently caught sight of a mobile ransomware distributed by fake adult websites. It not only locks the device screen and displays a warning supposedly coming from law enforcement—a tactic reminiscent of the Police Trojan that plagued desktops before—it also activates the unit’s front facing camera to add to its scare tactic. However, while it has routines unique to mobile ransomware, it also has a particular set of weaknesses that stand out.
Tuesday, 31 May 2016

Copyright © 2013 - Id-SIRTII/CC
Id-SIRTII/CC - Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center
Menara Ravindo Lt. 17, Jl. Kebon Sirih No. 75 Jakarta Pusat, 10340, Indonesia