Author Archives: CIRT Team



CIRT Team

in News Clipping

EU to Declare Cyber-Attacks “Act of War” [source: infosecurity-magazine]

European Union member states have drafted a diplomatic document which states serious cyber-attacks by a foreign nation could be construed as an act of war. The document, said to have been developed as a deterrent to provocations by the likes of Russia and North Korea, will state that member states may respond to online attacks with conventional weapons “in the gravest circumstances.” The framework on...

01 Nov 2017
in News Clipping

ONI Ransomware Used in Attacks Against Japanese Companies [source: bleepingcomputer]

As more and more ransomware outbreaks are discovered, the line has become blurred in whether they are being utilized as a wiper or an actual ransomware. Such is the case with a new ransomware attack called ONI that has been used in targeted month-long attacks against Japanese companies. It all started when security firm Cybereason analyzed some computers that were infected with a ransomware called...

01 Nov 2017
in CIRT In Media

State Minister for Information and Communication Technology Zunaid Ahmed Palak Receives ‘ICT Leader of the Year’ Award

State Minister for Information and Communication Technology Zunaid Ahmed Palak has been honoured with the World HRD Congress ‘ICT Leader of the Year’ award. He received the award for his role in continuous innovation in the ICT industry, as a young leader, as a driving force for change, and in the development of ICT infrastructure. This was announced in a press release sent by the ICT Division. The award was handed to him at a ceremony at the Le Méridien hotel in the capital on Sunday. At the ceremony, the State Minister...

31 Oct 2017
in News Clipping

“Catch-All” Google Chrome Malicious Extension Steals All Posted Data [source: isc.sans]

It seems that malicious Google Chrome extensions are on the rise. A couple of months ago, I posted here about two of them which stole user credentials posted on banking websites and the like. Now, while analyzing a phishing e-mail, I went through a new malware with a slightly different approach: instead of monitoring specific URLs and focusing on credentials, it captures literally all data posted by...

31 Oct 2017
in News Clipping

Coin Miner Mobile Malware Returns, Hits Google Play [source: blog.trendmicro]

The efficacy of mobile devices to actually produce cryptocurrency in any meaningful amount is still doubtful. However, the effects on users of affected devices are clear: increased device wear and tear, reduced battery life, comparably slower performance. Recently, we found apps with malicious cryptocurrency mining capabilities on Google Play. These apps used dynamic JavaScript loading and native code injection to avoid detection. We detect...

31 Oct 2017
in News Clipping

Security Firms Say Bad Rabbit Attack Carried Out by NotPetya Group [source: bleepingcomputer]

Several security firms have come forward today with evidence that shows links connecting the Bad Rabbit ransomware outbreak that happened yesterday with the NotPetya ransomware outbreak that took place at the end of June, this year. Most of the reports focused on the vast similarities between the Bad Rabbit and NotPetya source code. Companies like Bitdefender, Cisco Talos, ESET, Group IB, Intezer Labs, Kaspersky Lab, and Malwarebytes, along with security researcher Bart Parys,...

31 Oct 2017
in News Clipping

Back to the future: Threat actors dust off old tools for new tricks in the Q3 Threat Report [source: proofpoint]

As in 2016, the third quarter of 2017 was marked by peak year-to-date malicious message volumes. In this case, high-volume campaigns were led by ransomware, particularly Locky and, to lesser extents, Philadelphia and GlobeImposter, as well as The Trick banking Trojan. Notably, the majority of malicious email campaigns came from a single actor: TA505, whose extensive history was profiled in a recent Threat Insight blog. Throughout...

31 Oct 2017
in News Clipping

Dark Web markets selling remote access to corporate PCs [source: ibtimes]

Dark web vendors are now selling remote access to corporate computers for as little as $3 (£2.28). Dark web marketplaces have begun increasingly selling credentials to hacked Remote Desktop Protocol (RDP) servers, which allow hackers to spy on and steal data from companies without using malware. In case of Windows PCs, RDPs could allow hackers to remotely access a computer and compromise a corporate network, leaving the firm...

31 Oct 2017
in News Clipping

Coinhive breached due to old, reused password [source: helpnetsecurity]

Coinhive has suffered another setback: their DNS records have been surreptitiously changed by attackers, allowing them to steal cryptocurrency mined via the project’s script. What is Coinhive? Coinhive is a project that provides Monero-mining JavaScript code to website owners who want to earn money but not bombard visitors with ads. The script uses the visitors’ computers’ CPU power to mine cryptocurrency, ideally with the...

26 Oct 2017
in News Clipping

MALVERTISING CAMPAIGN REDIRECTS BROWSERS TO TERROR EXPLOIT KIT [source: threatpost]

Security experts are warning some “Quit Smoking” and “20 Minute Fat Loss” ads online are delivering more than sales pitches. According to researchers at Zscaler, ads are redirecting browsers to malicious landing pages hosting the Terror exploit kit. The campaigns have been sustained, with the initial blast spotted on Sept. 1 and lasting through Oct. 23. “Terror EK activity has been low throughout the year...

26 Oct 2017