> Carving for Cookies: Supersize your Internet History Timeline using Google Analytic Artifacts
Malware/APT
> Sandworm APT exploits, BlackEnergy malware
- [2014-11-04] http://www.scmagazine.com/experts-share-new-insight-on-sandworm-apt-exploits-blackenergy-malware/article/381378/
- [2014-11-03] http://securelist.com/blog/research/67353/be2-custom-plugins-router-abuse-and-target-profiles/
- [2014-11-04] http://www.symantec.com/connect/blogs/spincom-visitors-served-malware-instead-music
- [2014-11-04] http://www.scmagazine.com/the-popular-music-news-site-redirected-visitors-to-the-rig-exploit-kit/article/381364/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineHome+(SC+Magazine)
- [2014-11-05] http://www.net-security.org/malware_news.php?id=2906&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+(Help+Net+Security)
- [2014-11-03] http://blog.fortinet.com/post/rom-a-new-version-of-the-backoff-pos-malware
- [2014-11-05] http://www.macworld.co.uk/news/mac-software/apple-security-checks-may-miss-iworm-malware-3584239/
- [2014-10-31] https://www.virusbtn.com/virusbulletin/archive/2014/10/vb201410-iWorm
- [2014-09-29] http://news.drweb.com/show/?i=5977&lng=en
- [2014-11-06] http://www.spamfighter.com/News-19279-Cybercriminals-Changed-Tactics-and-Started-Using-Dridex-to-Steal-Banking-Credentials.htm
- [2014-11-05] http://blog.trendmicro.com/trendlabs-security-intelligence/banking-trojan-dridex-uses-macros-for-infection/
- [2014-10-24] http://researchcenter.paloaltonetworks.com/2014/10/dridex-banking-trojan-distributed-word-documents/
- [2014-08-03] http://stopmalvertising.com/malware-reports/analysis-of-dridex-cridex-feodo-bugat.html
- [2014] https://feodotracker.abuse.ch/?filter=version_d
- [2014-11-06] http://www.spamfighter.com/News-19280-DHS-Warns-Dyre-Being-Used-to-Rob-Banking-Credentials.htm
- [2014-11-06] http://mdaily.bhaskar.com/news/4444/top-news/GAD-dyreza-trojan-email-attachmnet-zip-pdf-ppt-warning-cert-4798124-NOR.html?referrer_url=http://feedly.com/index.html
- [2014-10-10] http://www.infosecurity-magazine.com/news/rovnix-malware-reloads/
- [2014-10-09] https://www.csis.dk/en/csis/news/4472/
- [2012-02-22] http://www.welivesecurity.com/2012/02/22/rovnix-reloaded-new-step-of-evolution/
- [2014-11-06] http://www.forbes.com/sites/thomasbrewster/2014/11/06/china-wirelurker-ios-malware/
- [?] https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/reports/Unit_42/unit42-wirelurker.pdf
Exploits/Vulnerabilities
> FreeBSD Vulnerability (CVE-2014-8517)
- [2014-11-05] http://malwarelist.net/2014/11/05/remote-command-execution-in-freebsd/
- [2014-11-05] https://lists.freebsd.org/pipermail/freebsd-announce/2014-November/001601.html
> CVE-2014-0569 Analysis (seen to be integrated into the Fiesta EK)
- [2014-11-05] http://blogs.technet.com/b/mmpc/archive/2014/11/05/cracking-the-cve-2014-0569-nutshell.aspx
> CVE-2014-4113 Analysis (Windows Kernel Mode Vulnerability, AKA Sandworm Vulnerability)
> CVE-2014-4115 Analysis (Malicious USB Disks Allow for Possible Whole System Control)
Phishing
> Operation Huyao