Friday, April 29, 2016

Ransomware warning from the FBI.




The FBI released a ransomware warning today, April 29, 2016. According to the FBI, ransomware attacks grew during 2015 because of their high return for attackers. Ransomware is a program that attackers use to encrypt the victim's system, after which they demand that the organization pay money for the decryption key. The FBI said there is no guarantee that organizations will receive the key even after paying the attackers, so the agency recommends not paying.
Criminals used to rely on e-mail to deliver ransomware to a target victim, but because e-mail filtering systems have improved, this technique is used less. Currently, criminals use more sophisticated techniques, such as spear-phishing e-mails targeting specific individuals.
Please see the details of the report at the following link.
https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise/incidents-of-ransomware-on-the-rise

Friday, April 22, 2016

POWERSHELL USED FOR SPREADING TROJAN.LAZIOK THROUGH GOOGLE DOCS, FIREEYE REPORTED



Laziok, a reconnaissance tool and information stealer, was first spotted last year when a threat group leveraged the malware in a sophisticated multi-stage attack campaign targeting energy companies in the Middle East. Attackers exploited an old Windows vulnerability tracked as CVE-2012-0158 to drop the Trojan onto users' systems.
For details, refer to:



Since at least late December 2015, four vulnerabilities – CVE-2012-0158, CVE-2012-1856, CVE-2015-1641, and CVE-2015-1770 – related to the parsing of Microsoft Rich Text Format (RTF) documents have been leveraged by advanced threat actors to launch exploitation campaigns against members of the Tibetan community, along with journalists and human rights workers in Hong Kong and Taiwan. One of these vulnerabilities – CVE-2015-1641 – has typically been used in cybercrime operations since 2015 and had not been widely observed in use by Advanced Persistent Threat (APT) actors until recently. The vulnerabilities are being used to deliver Chinese-oriented malware payloads such as Grabber, T9000, Kivars, PlugX, Gh0StRAT and Agent.XST.
For details, refer to:


Thursday, April 14, 2016

Protocols identified as potential attack vectors


A report from US-CERT identified the following protocols as potential attack vectors.
  • DNS
  • NTP
  • SNMPv2
  • NetBIOS
  • SSDP
  • CharGEN
  • QOTD
  • BitTorrent
  • Kad
  • Quake Network Protocol
  • Steam Protocol
  • RIPv1
  • Multicast DNS (mDNS)
  • Portmap/RPC
Please see the detailed report at the following link.
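As an added example (not part of the original post or the US-CERT report), the following Python audit maps each listed protocol to its well-known UDP port (port numbers assumed here) and reports which of them a Linux host has bound on a wildcard address, by parsing a constructed `ss -uln` sample:

```python
# Added example: map the protocols in the US-CERT list to their well-known UDP
# ports and report which ones a host has bound on a wildcard address, by
# parsing `ss -uln` output. Port numbers are assumed; the sample is constructed.
PROTOCOL_PORTS = {
    "DNS": 53, "NTP": 123, "SNMPv2": 161, "NetBIOS": 137,
    "SSDP": 1900, "CharGEN": 19, "QOTD": 17, "BitTorrent (DHT)": 6881,
    "Kad": 4672, "Quake Network Protocol": 27960, "Steam Protocol": 27015,
    "RIPv1": 520, "Multicast DNS (mDNS)": 5353, "Portmap/RPC": 111,
}

# Constructed sample of `ss -uln` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q   Local Address:Port   Peer Address:Port
UNCONN  0       0         127.0.0.53%lo:53          0.0.0.0:*
UNCONN  0       0               0.0.0.0:123         0.0.0.0:*
UNCONN  0       0               0.0.0.0:161         0.0.0.0:*
UNCONN  0       0               0.0.0.0:1900        0.0.0.0:*
UNCONN  0       0                  [::]:111            [::]:*
UNCONN  0       0               0.0.0.0:68          0.0.0.0:*
"""

# Addresses that mean "every interface", i.e. reachable from outside the host.
WILDCARDS = {"0.0.0.0", "*", "[::]"}

def parse_udp_listeners(ss_output):
    """Return {(address, port)} for every UNCONN socket line in `ss -uln` output."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "UNCONN":
            continue  # header line or unexpected format
        addr, _, port = fields[3].rpartition(":")
        addr = addr.split("%")[0]  # drop interface scope such as 127.0.0.53%lo
        if port.isdigit():
            listeners.add((addr, int(port)))
    return listeners

def exposed_protocols(ss_output):
    """Names of listed protocols bound on a wildcard address, in list order."""
    listeners = parse_udp_listeners(ss_output)
    return [name for name, port in PROTOCOL_PORTS.items()
            if any(a in WILDCARDS and p == port for a, p in listeners)]

if __name__ == "__main__":
    # On a live host: exposed_protocols(subprocess.check_output(["ss", "-uln"], text=True))
    for name in exposed_protocols(SAMPLE_SS_OUTPUT):
        print("listed protocol bound on a wildcard address:", name)
```

A service bound only to a loopback or link-local address (like the DNS stub resolver in the sample) is not reported, since it cannot be reached from the network.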

Sunday, April 10, 2016

Credit card fraud scheme

PERRYVILLE, Mo. (AP) - Three people are in custody in Missouri in connection with a credit card fraud scheme.
KFVS-TV reports that a man from Battle Creek, Mich., contacted police in Perryville, Mo., to say his credit card had been used at a Perryville convenience store on Friday. Surveillance video led to suspects at a motel.
Police arrested three people.
The suspects allegedly used stolen personal information to create credit cards and gift cards.