News
Posted 3 days ago by jaime.blasco
Last week, our friends from Norman published a great report on a cyber espionage campaign named Operation Hangover. We have released some Yara rules to detect most of the payloads mentioned in the paper. You can download the rules from our GitHub space: On the other hand, the Hangover attackers have been using several …
Posted 21 days ago by jaime.blasco
A few days ago we reported a new Watering Hole campaign affecting a U.S. Department of Labor website. In our first analysis we reported that the exploited vulnerability was CVE-2012-4792. Further analysis showed that the vulnerability exploited wasn’t CVE-2012-4792 but a new zero-day vulnerability affecting Internet Explorer 8 (CVE-2013-1347). It was confirmed by Microsoft, which released a …
Posted 25 days ago by jaime.blasco
During the last few hours we have identified that one of the U.S. Department of Labor websites has been hacked and is serving malicious code. Clarification: The website affected is the Department of Labor (DOL) Site Exposure Matrices (SEM) Website. “The Department of Labor (DOL) Site Exposure Matrices (SEM) Website is a repository of information gathered from …
Posted 27 days ago by Eduardo De la Arada
UrlQuery is a service for detecting and analyzing web-based malware, as its website claims. This service is very useful and provides a full, specific report of the submitted webpage. We use these services a lot in the lab, so we’ve decided to make our lives easier by developing a simple context menu extension which automatically sends URLs to the service. The …
Posted about 1 month ago by jaime.blasco
What is Bitcoin? Bitcoin is an online decentralised virtual currency based on an open source, P2P protocol. Bitcoins can be transferred using a computer without relying on a financial institution. If you haven’t heard about Bitcoin I recommend you watch the following video: Both Bitcoin creation and transfer are performed by computers called …
Posted 2 months ago by jaime.blasco
Summary: During the last few years, we have been publishing about a group of hackers who have focused on targeting the DIB (Defence Industrial Base) and other government organizations: - Another Sykipot sample likely targeting US federal agencies - Are the Sykipot’s authors obsessed with next generation US drones? - Sykipot variant hijacks DOD and Windows …
Posted 2 months ago by jaime.blasco
During the day I’ve been thinking about what has just happened in South Korea. We published earlier today a quick blog post about how the wiper payload works. It is a very simple piece of code that overwrites the MBR (Master Boot Record), making the affected system unable to start after reboot. Other companies have …
Posted 2 months ago by jaime.blasco
As many of you probably know, several South Korean banks and media companies have been affected by an attack that has wiped several systems. It seems the South Korean security company Nshc has published more details on its Facebook page. Based on the samples we collected, the malware overwrites the MBR (Master Boot Record) …
Posted 2 months ago by jaime.blasco
Last month Adobe released a fix to patch a vulnerability that was being exploited in the wild. Kaspersky found that the 0day was being used by a very sophisticated group to target different governments using a malware called MiniDuke. AlienVault Labs have detected that a different group of attackers have been using this vulnerability to target …
Posted 3 months ago by jaime.blasco
I’m sure all of you have heard about Mandiant’s APT1 report published yesterday. As many of you probably know, we have been tracking and exposing this group for a long time, as well as other individuals and companies in the security industry. A couple of examples are: - Win32/Coswid - Unveiling a spearphishing campaign and possible ramifications …
Creative Commons License Copyright © 2013 Black Duck Software, Inc. and its contributors, Some Rights Reserved. Unless otherwise marked, this work is licensed under a Creative Commons Attribution 3.0 Unported License. Ohloh ® and the Ohloh logo are trademarks of Black Duck Software, Inc. in the United States and/or other jurisdictions. All other trademarks are the property of their respective holders.