Almost the complete Master File Table (MFT) can be decrypted. In this post, we describe our approach to collecting more keystream bytes, which eventually leads to decrypting the complete disk. Technical Analysis: Encryption of Files. MFT records already store the content of a file, if the file is at most 900 bytes in size. This means that the tool decryptPetya.py from our first blog post can already...
The Anti-Phishing Working Group’s latest report found upticks in phishing attacks against companies in the Logistics & Shipping as well as Cloud Storage & File Hosting sectors, mounted by cyber gangs against the accounts of both individuals and enterprises. Once they steal usernames and passwords, the criminals can then steal not only funds, but also use services to send spam mail, order goods for resale, and other...
Systems Affected: Domain Controllers, File Servers, Email Servers. Overview: This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. Working with U.S. and international partners,...
Advanced Persistent Threat (APT) is currently a much-discussed topic in the cyber world, and among the main targets of APT cyber threats are important government installations, or Critical Infrastructure. Cyber attackers are constantly changing their methods so that their activities cannot be detected. A study conducted on APTs shows that cyber attackers are trying to distribute malware through legitimate and seemingly ordinary e-mails. Figure...
Mr. Adli Wahid, Member of the Board of Directors of FIRST.Org, Inc and Senior Internet Security Specialist of APNIC, visited the BGD e-GOV CIRT headquarters, situated in ICT Tower, Dhaka, today (23 October 2017). During his visit to BGD e-GOV CIRT, he attended a friendly meeting with the CIRT Team, represented by Mr. Tawhidur Rahman, Team Leader, BGD e-GOV CIRT. He also attended two...
On October 16th, 2017, a research paper with the title of “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key...
Cryptocurrencies have taken the world by storm. From the biggest player Bitcoin to newcomers such as Monero and Ethereum, cryptocurrency mining has become a hot industry due in part to powerful, dedicated mining hardware or by utilizing graphics cards’ parallel computing power. Recently, browser coin mining has taken off, for a lot of different reasons. Although the computing power per instance is much less than...
Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices. According to researchers, the botnet is mainly made up of IP-based security cameras, network video recorders (NVRs), and digital video recorders (DVRs). Based on Mirai, but not a Mirai offspring: Researchers from Chinese security firm Qihoo 360...
Ransomware has been one of the most prevalent, prolific, and pervasive threats in the 2017 threat landscape, with financial losses among enterprises and end users now likely to have reached billions of dollars. Locky ransomware, in particular, has come a long way since first emerging in early 2016. Despite the number of times it apparently spent in hiatus, Locky remains a relevant and credible threat given its impact on end users and especially...
Veracode, Inc., a leader in securing the world’s software, and acquired by CA Technologies (NASDAQ:CA), today announced findings from the 2017 State of Software Security Report, a comprehensive review of application security testing data from scans conducted by CA Veracode’s base of more than 1,400 customers. Among other industry trends such as vulnerability fix rates and percent of applications with vulnerabilities, the report exposes the pervasive risk...