GovWare 2020
October 7, 2020
GovWare Virtual Conference and Exhibition October 7-8, 2020 Virtual Event
“Shifu” Banking Trojan – Technical Analysis and Recommendations
January 27, 2017
By: NSFOCUS Security Labs
Overview
The banking Trojan “Shifu” was discovered by the IBM counter fraud platform in April 2015. Built on the Shiz source code, this Trojan employs techniques adopted by multiple notorious Trojans such as Zeus, Gozi, and Dridex. This particular Trojan targeted 14 banks in Japan and re-emerged in Britain, compromising 10 banks on September 22, 2015. On January 6, 2017, Palo Alto Networks issued an article indicating that the author of this Trojan re-engineered the exploit in 2016. Specifically, in its early stage this Trojan obtained system privileges on the attacked host by exploiting the vulnerability CVE-2015-0003, but it now achieves the same purpose by leveraging the Windows privilege escalation vulnerability CVE-2016-0167. (more…)
ElasticSearch Hit by Ransom Attack
January 26, 2017
By: Dr. Richard Zhao, SVP of Global Threat Research, NSFOCUS
Overview
During the week of January 21, 2017, over 34,000 vulnerable MongoDB databases fell victim to a ransom attack. Data residing on these databases was erased or encrypted, and bitcoin payment was demanded in exchange for return of the data. Moreover, on January 18th, 2017, several hundred ElasticSearch servers were hit by a ransom attack within a few hours, and data housed on those servers was erased with ransom demands. The methods that were used to attack the ElasticSearch servers were extremely similar to the exploit that was used in the MongoDB attack. Security researcher Niall Merrigan (who had been following up the MongoDB database compromise) stated, “till now, over 2711 ElasticSearch servers have been attacked.” Many of the victims reside in the USA, with a few outliers in Europe, China, and Singapore. (more…)
ViewQwest and NSFOCUS launch Singapore’s most affordable clean pipe solution with DDoS protection at $699 per month
April 27, 2016
The Tech Revolutionist ViewQwest today launched their DDoS Protection Service that defends the networks of banks, e-commerce vendors, telcos and just about any business with an online presence against the increasingly malicious and debilitating DDoS (Distributed Denial-of-Service) attacks. Powered by enterprise security specialist NSFOCUS, the new service aims to make premium-grade Internet security more affordable for […]
Wheat a moment: Multigrain malware uses DNS to steal POS data
April 20, 2016
SC Magazine A new variant of malware has been discovered that uses DNS to evade antivirus measures, security researchers have warned. Dubbed Multigrain, the malware is a variant of the NewPoSThings family of malware. It infects Windows processes that process credit card data and collects financial information before sending it off to a C&C server. Alex Cruz […]
DDoS Attacks: A Closer Look, Part 1
April 20, 2016
Track: Technical
Author: Martin Stone, Principal Sales Engineer, NSFOCUS
If you’ve ever seen portrayals of DDoS attacks in TV and movies, they might seem like scary, mysterious attacks, launched by elite hackers, against which there is no protection. Nothing could be farther from the truth. DDoS is one of the simplest and easiest ways to attack an online system, within reach of almost anyone with a little information and a little money. Fortunately, these attacks are also easy to defend against if you’re prepared and have the right equipment in place. Here are a few of the most popular DDoS attacks that have evolved over time and are still in use today: (more…)
When Malware Becomes a Service, Anyone Can Be a Hacker
February 25, 2016
Gadgets 360 A DDoS attack, one of the most popular available attacks, has been offered commercially as a service to anyone interested by a hacking group. Our senior technical expert Vann Abernethy said, “Distributed Denial of Service attacks have been around for a while now, and each year they grow in size, number, and sophistication. We […]
Downstream networks detect Wendy’s breach
February 25, 2016
The Green Sheet Numerous consumers who used credit cards at Midwest and Northeast locations of The Wendy’s Co. in the latter part of 2015 were notified by their card issuing banks of a potential data security breach. Company spokesman Bob Bertini advised news media that fraudulent charges began to appear elsewhere after the cards were […]
Was Hollywood Presbyterian ransom attack preventable?
February 23, 2016
MedCity News The hackers who brought down the computer network and connected medical devices at Hollywood Presbyterian Medical Center in Los Angeles have taken healthcare cyberattacks to the next level, according to a maker of network security technology. The hackers are demanding a ransom of 9,000 Bitcoin, equivalent to about $3.6 million, to unlock the […]