AA22-216A: 2021 Top Malware Strains

vom 04.08.2022 um 20:10 Uhr 320.84 Punkte
Original release date: August 4, 2022SummaryImmediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and o

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 06.04.2015 um 19:13 Uhr 223.5 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 06.04.2015 um 19:13 Uhr 223.5 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

vom 17.02.2021 um 17:00 Uhr 189.96 Punkte
Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result o

MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module

vom 26.12.2015 um 18:29 Uhr 160.53 Punkte
Background Apparently Linux ELF malware is becoming an interesting attraction from several actors from People Republic of China(in short: PRC). This post is one good example about it. It explains also why myself, from my team (MMD), put many effort t

MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module

vom 26.12.2015 um 18:29 Uhr 160.53 Punkte
Background Apparently Linux ELF malware is becoming an interesting attraction from several actors from People Republic of China(in short: PRC). This post is one good example about it. It explains also why myself, from my team (MMD), put many effort t

AA22-110A: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure

vom 20.04.2022 um 19:00 Uhr 158.92 Punkte
Original release date: April 20, 2022 | Last revised: May 9, 2022SummaryActions critical infrastructure organizations should implement to immediately protect against Russian state-sponsored and criminal cyber threats: • Patch all systems. Prioritize patchin

Anomali Cyber Watch: APT, China, Data leak, Injectors, Packers, Phishing, Ransomware, Russia, and Ukraine

vom 21.03.2023 um 00:29 Uhr 145.53 Punkte
  Anomali Cyber Watch: Winter Vivern Impersonates Poland’s Combating Cybercrime Webpage, Trojanized Telegram Steals Cryptocurrency Keys from Screenshots, SilkLoader Avoids East Asian ThreatBook Cloud Sandbox, and More. The various threat intelligence st

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

vom 27.10.2020 um 18:00 Uhr 143.93 Punkte
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity

BeatRev - POC For Frustrating/Defeating Malware Analysts

vom 04.09.2022 um 13:30 Uhr 143.93 Punkte
BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in order to frustrate efforts of malware analysts.I assume no responsibility for malicious use of any ideas or code contained within this project. I provide this research to

Updates: So bleibt Windows 11 immer aktuell

vom 25.01.2023 um 08:00 Uhr 136.86 Punkte
Microsoft arbeitet kontinuierlich an der Weiterentwicklung von Windows. Zuletzt sind im Herbst 2022 die Updates auf die Version 22H2 jeweils für Windows 10 und 11 erschienen. Mit dem Update spendiert Microsoft Windows 11 einige neue Funktionen und

Anomali Cyber Watch: Newly-Discovered WinorDLL64 Backdoor Has Code Similarities with Lazarus GhostSecret, Atharvan Backdoor Can Be Restricted to Communicate on Certain Days

vom 28.02.2023 um 17:15 Uhr 134.93 Punkte
The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Backdoors, DLL sideloading, Infostealers, Phishing, Social engineering, and Tunneling. The IOCs related to these stories are attached to