Authors: Xeno Kovah, Corey Kallenberg, John Butterworth amd Sam Cornwell - The MITRE CorporationPresentation Overview: http://conference.hitb.org/hitbsecconf2014kul/sessions/watching-the-watcher-... read more
Featured Slideshow
Viruses & Malware
Viruses & Malware
Macro-based malware is making a comeback, researchers warn
Submitted by l33tdawg on Thu, 2015-01-08 02:31
For the past several months, different groups of attackers have distributed malware through Microsoft Office documents that contain malicious macros, reviving a technique that has been out of style for over a decade.
Macros are scripts that contain commands for automating tasks in various applications. Microsoft Office programs like Word and Excel support macros written in Visual Basic for Applications (VBA) and these can be used for malicious activities like installing malware.
Sony attackers also stole certificates to sign malware
Submitted by l33tdawg on Tue, 2014-12-09 23:43
Security firm Kaspersky Labs reports that a new sample of the Destover malware—the malware family used in the recent attack on the networks of Sony Pictures—has been found bearing a valid digital signature that could help it sneak past security screening on some Windows systems. And that digital signature is courtesy of a certificate stolen from Sony Pictures.
Inside the "wiper" malware that brought Sony Pictures to its knees
Submitted by l33tdawg on Thu, 2014-12-04 22:19
Details of malware that may have been associated with the attack on Sony Pictures were disseminated in an FBI “Flash” earlier this week. A copy of the memorandum obtained by Ars Technica details “a destructive malware used by unknown computer network exploitation (CNE) operators” that can destroy all the data on Windows computers it infects and spread itself over network file shares to attack Windows servers.
Nation state spying malware revealed
Submitted by l33tdawg on Sun, 2014-11-23 23:34
Symantec Security Response has discovered a new malware called Regin which, they say, "...displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and private individuals."
This back-door trojan has been in use, according to the security company, since at least 2008, and has stayed under the radar since.
Citadel malware attacking open source password managers
Submitted by l33tdawg on Fri, 2014-11-21 00:45
The king of the castle has a new tormentor.
IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The targeted processes include Password Safe and KeePass, two open-source password managers. The variant also targets the nexus Personal Security Client used to secure financial transactions and other services that require heightened security.