Malware Explorer

Malware Explorer, by Nart Villeneuve (http://www.nartv.org)

Targeted Not Targeted

In the past, I used to encounter people who consistently expressed skepticism about truly targeted activity: “why would a nation-state target us?” Following the onslaught of publicly available reports of APT activity over the years, I more commonly encounter those who interpret indiscriminate malicious activity encountered by their organization as targeted: “we were targeted by […]

“Commodity Malware” is not the Opposite of Targeted Malware

I really don’t like the term “commodity malware”. It’s not that commodity is necessarily an inaccurate description of a particular piece of malware, and it’s not that knowing whether malware can be purchased or is publicly available is useless. It’s that characterizing malware as commodity does not, by itself, indicate whether […]

10 Years Since Ghostnet

On March 28, 2009 the Citizen Lab released Tracking GhostNet. So much has changed since then, both for me personally as well as for the research community, the industry and the threat landscape itself. It has been a long time since I updated this blog; in fact, the last entry was at the end of 2010. […]

2010 and Beyond

2010 has been an interesting year for malware researchers. From the attacks on Google through to the ShadowNet, there have been many interesting cases involving high-profile targets. However, traditional threats such as Zeus, SpyEye and fake antivirus software continue to be what most Internet users face on a daily basis. Moreover, […]

RX-promotion: A Pharma Shop

More than 65% of spam consists of pharmaceutical spam sent through a variety of well-known spam botnets such as Rustock and Cutwail. These spam messages use multiple shop brands and sell a variety of drugs, especially Viagra. These pills, sometimes counterfeit, are shipped to buyers from pharma manufacturers, often in India or China. […]

Pack Mules: The Re-Shipping Fraud Malware Connection

Malware toolkits are designed to steal information, such as bank account data, and provide cyber criminals with vast quantities of stolen credentials. Every day, credit card numbers stolen by malware such as Zeus and SpyEye are bought and sold in the underground economy. This has given rise to the recruitment of pack mules. When using […]

Koobface: Inside a Crimeware Network

The Information Warfare Monitor (Citizen Lab, Munk School of Global Affairs, University of Toronto and the SecDev Group, Ottawa) announces the release of Koobface: Inside a Crimeware Network by Nart Villeneuve, with a foreword by Ron Deibert and Rafal Rohozinski. The full report can be accessed here (local mirror). Globe and Mail coverage of the […]

Nobel Peace Prize, Amnesty HK and Malware

There have been two recent attacks involving human rights and malware. First, on November 7, 2010, contagiodump.blogspot.com posted an analysis of a malware attack that masqueraded as an invitation to attend an event put on by the Oslo Freedom Forum for Nobel Peace Prize winner Liu Xiaobo. The malware exploited a known vulnerability (CVE-2010-2883) in […]

Clustering Zeus Command and Control Servers Part 2

In Part 1 of Clustering Zeus Command and Control Servers I focused on clustering Zeus command and control servers based on three criteria: IP addresses, domain names, and email addresses used to register domain names. Using data drawn from ZeusTracker and MalwareDomainList, I observed that while a wide variety of criminals may set up disparate […]
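The clustering described in Part 1 and Part 2 is, at bottom, a graph problem: two C2 records belong to the same cluster if they share an IP address, a domain name, or a registrant e-mail address, or if a chain of such links connects them. The following is an added example of that pivot-based clustering, written for this page; it is not Nart Villeneuve's code and does not use ZeusTracker or MalwareDomainList data. The records, IP addresses (documentation ranges), domains and e-mail addresses are constructed, and the privacy-proxy address list is an assumption. It also handles the one failure mode that ruins this kind of clustering in practice: a WHOIS privacy service's contact address is shared by thousands of unrelated domains and must not be treated as a link.

```python
from collections import Counter, defaultdict

# Constructed sample records: (domain, ip, registrant_email).
# Hypothetical values on documentation ranges; not drawn from ZeusTracker
# or MalwareDomainList.
SAMPLE_C2 = [
    ("update-check.example", "198.51.100.10", "reg1@example.net"),
    ("cfg-load.example",     "198.51.100.10", "reg2@example.net"),  # shares IP with #0
    ("bot-gate.example",     "203.0.113.5",   "reg2@example.net"),  # shares registrant with #1
    ("panel-x.example",      "203.0.113.77",  "reg3@example.net"),
    ("panel-x.example",      "192.0.2.9",     "reg4@example.net"),  # same domain as #3, new IP
    ("lonely.example",       "192.0.2.200",   "contact@privacyprotect.example"),
    ("other.example",        "192.0.2.201",   "contact@privacyprotect.example"),
]

# Registrant addresses belonging to a WHOIS privacy service (assumed list).
# Unrelated domains share them by the thousand, so they are never used as links.
PRIVACY_PROXY_EMAILS = {"contact@privacyprotect.example"}


class DisjointSet:
    """Union-find over nodes; each C2 record and each pivot value is a node."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


def pivots_for(record):
    """Yield the (kind, value) pivots of one record, skipping empty or noisy values."""
    domain, ip, email = record
    if domain:
        yield ("domain", domain.lower())
    if ip:
        yield ("ip", ip)
    if email and email.lower() not in PRIVACY_PROXY_EMAILS:
        yield ("email", email.lower())


def cluster_c2(records):
    """Group record indices that are transitively linked by any shared pivot."""
    ds = DisjointSet()
    for i, record in enumerate(records):
        for pivot in pivots_for(record):
            ds.union(("rec", i), pivot)
    groups = defaultdict(list)
    for i in range(len(records)):
        groups[ds.find(("rec", i))].append(i)
    return sorted(groups.values())


def shared_pivots(records, cluster):
    """Pivots seen in more than one record of a cluster, with their counts.

    This is what an analyst reads to see *why* records were joined.
    """
    counts = Counter(p for i in cluster for p in pivots_for(records[i]))
    return {p: n for p, n in counts.items() if n > 1}


if __name__ == "__main__":
    for cluster in cluster_c2(SAMPLE_C2):
        print(cluster, shared_pivots(SAMPLE_C2, cluster))
```

On the constructed data, records 0, 1 and 2 form one cluster (0 and 1 share an IP, 1 and 2 share a registrant), records 3 and 4 form another (the same domain moved to a new IP), and records 5 and 6 stay apart even though they share a registrant address, because that address is a privacy proxy. Shared hosting IPs deserve the same treatment as privacy-proxy e-mails: add them to a skip list or weight them down, otherwise a single bulletproof host will collapse every cluster into one.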

Command and Control in the Cloud

In Shadows in the Cloud: An investigation into cyber espionage 2.0 my co-authors and I analyzed the command and control infrastructure of a network that extracted secret, confidential and restricted documents from the Indian government and military. The Shadow Network used a complex and tiered command and control infrastructure that leveraged Twitter, Google Groups, Blogspot, […]

Malware Diversification

There are wide varieties of malware, many of which have similar functionality. As a result there is a tendency to portray them as being in competition with one another. In some ways this is true, especially when it comes to malware authors; however, I prefer to see it as less of a rivalry and more […]

Clustering Zeus Command and Control Servers

Recently, more than 150 individuals around the world have been arrested on bank fraud related charges after using the Zeus malware to acquire credentials that enabled the criminals to steal more than $70 million. Those arrested include five Ukrainian individuals who are believed to be the masterminds behind the operation. Brian Krebs notes that […]

Black Hat SEO, PPC RogueAV Part 2

Part 1 of Black Hat SEO, PPC RogueAV focused on the type and amount of incoming traffic generated through Black Hat SEO methods. This traffic is monetized through the use of RogueAV, Pay-Per-Click and Pay-Per-Install affiliates. This post continues the analysis of this campaign by providing an inside look at this BHSEO operation. The attackers […]

Krajabot

The Kraja botnet has managed to compromise 185,645 computers, the vast majority of which are located in Russia. Of the 199,513 unique IP addresses recorded from compromised computers, 87.88% are in IP address ranges assigned to Russia. The name Kraja botnet comes from an image located on the command and control server which was originally […]

Old Threats are Current Threats

Despite the fact that the authors of the Pinch Trojan were pinched by law enforcement in 2007, the Pinch Trojan continues to be a current threat, not only because the source code is available (so anyone can modify it and release a variant) but also because old versions of Pinch continue to be used effectively. In […]


Except where otherwise noted, content on this site is licensed under a Creative Commons License.
