Anonymous Attacks North Carolina Websites over Controversial Anti-LGBT Law

  • Jumat, 03 Jun 2016
  • Penulis: Catalin Cimpanu, Softpedia

Members associated with the Anonymous movement have launched DDoS attacks against several North Carolina government online portals as a method of protest against the recent House Bill 2 (HB2) that includes several clauses perceived as anti-LGBT. ...

Selengkapnya

Bangladesh heist linked to attack on Sony: BAE researchers

  • Jumat, 03 Jun 2016
  • Penulis: Jim Finkle, Reuters

Malicious software used in February's $81 million heist at Bangladesh Bank is linked to other cyber attacks, including the high-profile 2014 attack on Sony's Hollywood studio, according to a new report from cyber security firm BAE Systems. ....

Selengkapnya

Targeted Attacks Against Banks In The Middle East

  • Jumat, 03 Jun 2016
  • Penulis: Sudeep Singh and Yin Hong Chang, Threat Research Blog (FireEye)

"In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our attention since they were using unique scripts not commonly seen in crimeware campaigns. ...

Selengkapnya

Operation Groundbait: Espionage in Ukrainian war zones

  • Jumat, 03 Jun 2016
  • Penulis: Robert Lipovsky, WeLiveSecurity (ESET)

Cyber-surveillance focusing on separatists The main point that sets Operation Groundbait apart from the other attacks is that it has mostly been targeting anti-government separatists in the self-declared Donetsk and Luhansk People’s Republics. ....

Selengkapnya

Petya Ransomware's Encryption Defeated and Password Generator Released

  • Kamis, 02 Jun 2016
  • Penulis: Lawrence Abrams, Bleeping Computer

An individual going by the twitter handle leostone was able to create an algorithm that can generate the password used to decrypt a Petya encrypted computer. In my test this, this algorithm was able to generate my key in 7 seconds ....

Selengkapnya

Widespread Jboss Backdoors A Major Threat

  • Kamis, 02 Jun 2016
  • Penulis: Alexander Chiu, Talos (Cisco Blog)

Recently a large scale ransomware campaign delivering Samsam changed the threat landscape for ransomware delivery. Targeting vulnerabilities in servers to spread ransomware is a new dimension to an already prolific threat. Due to information provided from our Cisco IR Services Team, stemming from a recent customer engagement, we began looking deeper into the JBoss vectors that were used as the initial point of compromise. Initially, we started scanning the internet for vulnerable machines. This led us to approximately 3.2 million at-risk machines. ....

Selengkapnya

PwnedList Shutdown Unrelated to Recent Vulnerability

  • Kamis, 02 Jun 2016
  • Penulis: Michael Mimoso, ThreatPost

For example, say a malicious hacker wanted to gain access to a corporate email server. The attacker would pull up a report from PwnedList for that company’s domain which could contain 10,000-plus user credentials depending on the company’s size,” Hodges said. “The attacker would then use a script or utility to try and authenticate each set of credentials using the company’s public-facing email server. ....

Selengkapnya

A bomb just dropped in endpoint security… and I’m not sure anyone noticed

  • Selasa, 31 May 2016
  • Penulis: Alex Eckelberry's Blog

VirusTotal just dropped a major bomb, and only people deep in the endpoint security ecosystem understand the ramifications of this announcement. ....

Selengkapnya

CBS Sports App Transmitted Data Unencrypted

  • Selasa, 31 May 2016
  • Penulis: Chris Brook, Threat Post (Kaspersky Lab Blog)

CBS recently fixed a vulnerability in its popular Sports application that could have exposed users to man-in-the-middle attacks and inadvertently leaked personal data. .....

Selengkapnya

Learning from Bait and Switch Mobile Ransomware

  • Selasa, 31 May 2016
  • Penulis: Jordan Pan, TrendLabs Security Intelligence Blog (Trend Micro)

We have recently caught sight of a mobile ransomware distributed by fake adult websites. It not only locks the device screen and display a warning supposedly coming from law enforcement—a tactic reminiscent of the Police Trojan that plagued desktops before—it also activates the unit’s front facing camera to add to its scare tactic. However, while it has routines unique to mobile ransomware, it also has a particular set of weaknesses that stand out.

Selengkapnya

Pemantauan Trafik Internet Nasional

Laporan pemantauan trafik internet nasional dengan menampilkan laporan trafik mingguan, trafik bulanan dan trafik tahunan.

Peringatan Ancaman Keamanan & Kerentanan Sistem

Kumpulan arikel tentang peringatan dini ancaman keamanan dan kerentanan sistem.

Security News

Kumpulan berita tentang keamanan siber atau IT.

Laporan Insiden

Id-SIRTII/CC menerima pelaporan insiden dari publik untuk kemudian dilakukan koordinasi kepada pihak-pihak yang berkepentingan.