SECURITY NEWS

New Downloader for Locky

  • Tuesday, 24 May 2016
  • Authors: Jonell Baltazar and Joonho Sa, Threat Research Blog (FireEye)

Locky is ransomware that is aggressively distributed via downloaders attached in spam emails, and it may have surpassed the Dridex banking trojan in popularity. In previous campaigns, the ransomware was downloaded by a macro-based downloader or a JavaScript downloader. However, in April 2016, FireEye Labs observed a new development in the way this ransomware is downloaded onto a compromised system.

New Crypto-Ransomware JIGSAW Plays Nasty Games

  • Tuesday, 24 May 2016
  • Author: Jasen Sumalapao, TrendLabs Security Intelligence Blog (Trend Micro)

The evolution of crypto-ransomware in terms of behavior takes a step forward, and a creepy one at that. We have recently encountered a nasty crypto-ransomware variant called JIGSAW. Reminiscent of the horror film Saw, this malware toys with users by locking and deleting their files incrementally. To an extent, it instills fear and pressures users into paying the ransom. It even comes with an image of Saw’s very own Billy the puppet, and the red analog clock to boot. ...

Meet GozNym: The Banking Malware Offspring Of Gozi ISFB And Nymaim

  • Tuesday, 24 May 2016
  • Author: Limor Kessem, Security Intelligence (IBM Blog)

IBM X-Force Research uncovered a Trojan hybrid spawned from the Nymaim and Gozi ISFB malware. It appears that the operators of Nymaim have recompiled its source code with part of the Gozi ISFB source code, creating a combination that is being actively used in attacks against more than 24 U.S. and Canadian banks, stealing millions of dollars so far. X-Force named this new hybrid GozNym.

Latest TeslaCrypt Targets New File Extensions, Invests Heavily in Evasion

  • Tuesday, 24 May 2016
  • Author: Michael Mimoso, Threat Post (Kaspersky Lab Blog)

TeslaCrypt, like many of its ransomware cousins, doesn’t sleep on past success. Researchers at Endgame Inc., have found two updates for the cryptoransomware in the past two weeks that invest heavily in obfuscation and evasion techniques, and also target a host of new file extensions.

Kovter Ad Fraud Trojan Evolves Into Ransomware

  • Tuesday, 24 May 2016
  • Author: SecurityWeek

Kovter, a recently discovered piece of ransomware, represents the latest step in the evolution of a malicious program from police scareware to ad fraud Trojan and now file-encrypting malware. ...

German nuclear plant infected with computer viruses, operator says

  • Tuesday, 24 May 2016
  • Authors: Christoph Steitz and Eric Auchard, Reuters

The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE. .....

Fake Social Button Plugin Redirects to Angler EK

  • Tuesday, 24 May 2016
  • Author: Jérôme Segura, Malwarebytes Labs

Compromised websites remain one of the surefire ways to redirect innocent visitors to exploit kits. During the past few days we’ve started seeing an unusual route to the infamous Angler EK, notorious for leveraging hacked WordPress and Joomla CMSs. ...

Dental Assn Mails Malware to Members

  • Tuesday, 24 May 2016
  • Author: Brian Krebs, KrebsOnSecurity

The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide. ....

CryptXXX: New Ransomware From the Actors Behind Reveton, Dropping Via Angler

  • Tuesday, 24 May 2016
  • Author: Kafeine, Threat Insight Blog (ProofPoint)

Proofpoint researchers recently found a previously undocumented ransomware spreading since the end of March through Bedep after infection via the Angler Exploit Kit (EK). ....

C&C Flaw Offers Glimpse into Dridex Operations

  • Tuesday, 24 May 2016
  • Author: Eduard Kovacs, Security Week

Researchers have gained access to a command and control (C&C) panel of the Dridex banking malware, which has allowed them to determine how much information has been stolen by cybercriminals and how much money they might be making. ...
