Search Results for: Forensic

Government Organizations Targeted in "Netrepser" Attacks (SecurityWeek)

Posted on: 2017-05-05

A report published by Bitdefender on Friday details a previously undocumented cyber espionage campaign that leverages a piece of malware dubbed “Netrepser” to target government organizations. The first Netrepser malware samples were discovered by the security firm in May 2016. No information has been shared on the location of the targets, but researchers determined, based on data from the threat’s command and control (C&C) infrastructure, that the malware had infected more than 500 machines. Most of the victims are government agencies. Bitdefender told SecurityWeek that the attacks are ongoing, and the company has not found any evidence linking this campaign…

Microsoft’s Windows warning: Hackers hijacked software updater with in-memory malware (ZDNet)

Posted on: 2017-05-05

Microsoft has shown how Windows Defender ATP detected anomalous updater behavior. Microsoft is warning software vendors to protect their updater processes after discovering a "well-planned, finely orchestrated" attack that hijacked an unnamed editing tool's software supply chain. As Microsoft's threat response group explains, the attackers used the update mechanism of a popular but unnamed piece of editing software to gain a foothold in several high-profile technology and financial organizations. The software vendor itself was also under attack, it says. The espionage campaign, dubbed WilySupply by Microsoft, is likely to be financially motivated and target updaters to reach mostly finance…

Authorities Take Down Darknet Marketplace (SecurityWeek)

Posted on: 2017-05-05

Europol announced Thursday that it had assisted the Slovak NAKA crime unit in the arrest of a Slovak national believed to operate a small darknet marketplace dealing in drugs and arms. The individual is in police custody, and several of his premises have been searched. "In one of the locations searched," says the Europol statement, "Slovak authorities discovered and seized five firearms and approximately 600 rounds of ammunition of different calibres. The investigators also found a sophisticated indoor cannabis plantation, 58 cannabis plants and a Bitcoin wallet containing bitcoins worth EUR 203 000, which is thought to have been obtained…

“Mass Triage Part 3: Processing Returned Files – At Jobs”

Posted on: 2017-05-05

Our story so far... Frank, working with Hermes, another security analyst, goes to work to review the tens of thousands of files retrieved by FRAC. They start off by reviewing the returned AT jobs. AT Job Used by Actors AT jobs are scheduled tasks creat... Source: Security Bloggers Network @ May 4, 2017 at 11:02PM

“Rapid Provisioning of a Malware Analysis Environment”

Posted on: 2017-05-05

The preparation of a malware analysis environment can often be a lengthy and repetitive process. I am not referring to setting up a virtual machine which contains all of your tools, but rather recognising that each sample you analyse may have very spec... Source: Security Bloggers Network @ May 4, 2017 at 11:02PM

“Mass Triage Part 3: Processing Returned Files – At Jobs”

Posted on: 2017-05-05

Our story so far... Frank, working with Hermes, another security analyst, goes to work to review the tens of thousands of files retrieved by FRAC. They start off by reviewing the returned AT jobs. AT Job Used by Actors AT jobs are scheduled tasks created using the at.exe command. At jobs take the filename format … Continue reading Mass Triage Part 3: Processing Returned Files - At Jobs Source: SANS Digital Forensics and Incident Response Blog @ May 4, 2017 at 09:34PM

“Rapid Provisioning of a Malware Analysis Environment”

Posted on: 2017-05-05

The preparation of a malware analysis environment can often be a lengthy and repetitive process. I am not referring to setting up a virtual machine which contains all of your tools, but rather recognising that each sample you analyse may have very specific environmental requirements before it is willing to execute fully. For example, it … Continue reading Rapid Provisioning of a Malware Analysis Environment Source: SANS Digital Forensics and Incident Response Blog @ May 4, 2017 at 09:34PM

What To See in Austin – Security Congress Sessions Announced

Posted on: 2017-05-04

With less than 150 days until Security Congress, the full agenda has been released. Keynote speakers include Ben Makuch, national security reporter for VICE News, Donald W. Freese, deputy assistant director at the FBI, and Juliette Kayyem, founder of Kayyem Solutions. The seventh annual conference will be hosted at the JW Marriott Austin, September 25-27, 2017. There will be 11 tracks at this year’s event, including: Cloud Security; Cyber Crime; Critical Infrastructure; Incident Response & Forensics; Governance, Regulation & Compliance; Identity Access Management; People & Security; Professional Development; Software Assurance/Application Security; Swiss Army Knife; Threats. We listened to the feedback…