Author Archives: CIRT Team



CIRT Team

in News Clipping

CowerSnail, from the creators of SambaCry [securelist]

Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – that suggested a relationship between them. Kaspersky Lab products detect the new malicious program as...

Read more

0
27 Jul 2017
in News Clipping

“Tick” Group Continues Attacks [paloaltonetworks]

The “Tick” group has conducted cyber espionage attacks against organizations in the Republic of Korea and Japan for several years. The group focuses on companies that have intellectual property or sensitive information like those in the Defense and High-Tech industries. The group is known to use custom malware called Daserf,...

Read more

0
27 Jul 2017
in Security Advisories & Alerts

Heimdal CVE-2017-11103 Man in the Middle Security Bypass Vulnerability

Description: Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus’ Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained from the encrypted version stored in ‘enc_part’ instead of the unencrypted version...

Read more

0
25 Jul 2017
in News Clipping

Spring Dragon – Updated Activity [securelist]

Spring Dragon is a long running APT actor that operates on a massive scale. The group has been running campaigns, mostly in countries and territories around the South China Sea, since as early as 2012. The main targets of Spring Dragon attacks are high profile governmental organizations and political parties,...

Read more

0
25 Jul 2017
Page 10 of 32« First...89101112...2030...Last »