End-of-Shift report
Timeframe: Monday 27-06-2016 18:00 − Tuesday 28-06-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Reverse Engineering Malware
The AlienVault Labs team does a lot of malware analysis as a part of their security research. I interviewed a couple members of our Labs team, including Patrick Snyder, Eddie Lee, Peter Ewane and Krishna Kona, to learn more about how they do it. Here are some of the approaches and tools and ..
https://www.alienvault.com/blogs/labs-research/reverse-engineering-malware
A year of Windows kernel font fuzzing #1: the results
Post by Mateusz Jurczyk of Google Project Zero. This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the ..
http://googleprojectzero.blogspot.com/2016/06/a-year-of-windows-kernel-font-fuzzing-1_27.html
Scientology Seeks Captive Converts Via Google Maps, Drug Rehab Centers
Fake online reviews generated by unscrupulous marketers blanket the Internet these days. Although online review pollution isn't exactly a hot-button consumer issue, there are plenty of cases in which phony reviews may endanger one's life or ..
http://krebsonsecurity.com/2016/06/scientology-seeks-captive-converts-via-google-maps-drug-rehab-centers/
Large CCTV Botnet Leveraged in DDoS Attacks
Our security operations team investigate and mitigate multiple denial of service (DDoS) attacks every single day. One recent case caught our attention because of the ..
https://blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html
DDoS Extortion - Almost Universally an Empty Threat
Last year there was an emergence of threats of DDoS against financial websites (that eventually broadened to others) under the DD4BC moniker. Eventually that morphed into Armada Collective with both stopping around ..
https://isc.sans.edu/diary.html?storyid=21199
Nuclear goes boom
Silver medallist exploit kit dies alongside Angler as new top dog doubles rental price. Shake ups at the top of the exploit kit world continue, with news the world's two top pop boxes have disappeared.
www.theregister.co.uk/2016/06/28/nuclear_goes_boom/
The Latest Android Overlay Malware Spreading via SMS Phishing in Europe
https://www.fireeye.com/blog/threat-research/2016/06/latest-android-overlay-malware-spreading-in-europe.html
Locky offspring: ransomware trojan Bart encrypts differently and demands a high ransom
Security researchers observed a new method of taking data hostage in the Bart ransomware.
http://heise.de/-3250058
Cybersecurity: "A great deal of knowledge is not put into practice"
The start-up competition Security Rockstars is looking for innovative security solutions. Submissions are still possible until July 15.
http://futurezone.at/thema/start-ups/cybersicherheit-sehr-viel-wissen-wird-nicht-umgesetzt/206.877.014
Encryption trojan swallows up Zimbra mails
The malware ZimbraCryptor infects the Zimbra Collaboration Suite and encrypts all data in the e-mail folder. For that, however, an attacker has to hack into a Zimbra server.
http://heise.de/-3250331
Press conference with Minister of Interior Wolfgang Sobotka, KSÖ and SBA: Security Rockstars
He hopes for "fresh and unconventional approaches to cybersecurity topics", said Minister of the Interior Wolfgang Sobotka (ÖVP) on Wednesday at a press briefing ..
https://www.sba-research.org/2016/06/28/pressegesprach/