Search results
  1. 25 Jan 2019

    The new article on supply chain attacks has some interesting points. Between them, both MAKERSMARK and PLA seem to have developed BIOS implants as far back as 2013, maybe earlier. MAKERSMARK is another name for the APT.

  2. 29 May 2019

    New research details how uses scripts to inject directly into memory in an attempt to evade detection

  3. 21 Jun 2019

    A new companion DLL for Exchange Transport agent was just uploaded on VT. Compilation timestamp suggests it's a slightly newer sample than those from report.

  4. 7 May 2019

    New Research: We analyzed , a malware targeting Microsoft Exchange servers - Abuses the Transport Agent feature - Can read/modify/block any email - Backdoor controlled by email attachments Full WP: Blogpost:

  5. 6 Jun 2019
  6. 9 Oct 2019

    use Reductor to implement which mark a host’s encrypted TLS traffic by patching the browser without parsing network packets. The victimology for this new campaign aligns with previous Turla interests.

  7. 17 Dec 2019
  8. 6 Feb
  9. 22 Mar 2019
  10. 11 May 2019
  11. 21 Oct 2019

    Advisory: group exploits to expand coverage of victims. The report comes from UK/US intelligence, but actually from this report: Espionage Group Rolls Out Brand-New Toolset in Attacks Against Governments

  12. 15 Jul 2019

    , a complex cyberattack platform focused almost entirely on diplomatic & governmental targets in the Middle East is evolving. Recently it was spotted spreading through poisoned anti-internet censorship software. Learn more:

  13. 21 Oct 2019

    started timidly by deploying tools in computers they had previously owned themselves, then scanned IP addresses looking for Oilrig ASPX shells, and ended up fully compromising Oilrig C2 servers to get victims as well as Oilrig operators data

  14. According to / (), cyber actors Group acquired Iranian tools and infrastructure to conduct attacks on dozens of countries, security officials in the and have revealed. Cc

  15. 22 Jun 2019

    2019-06-23: Possible 🇷🇺 "BPA.Transport.DLL" 👾 | "Companion DLL" for Transfer Agent📩 Export Table: ⤴️"forLoading" ⤴️"simpleValidate" ⤴️"BinaryLogEx" ✍️Logging: 🛣️Path: c:\windows\serviceprofiles\networkservice\ MD5: 5924eac8af1f3e3f1f825998bc59c062

  16. 24 Oct 2019

    tcpdump32c.exe, 5/70 VT detections. Reads a prt.ocx configuration file just like in the Waterbug report. Used for lateral movement across a victim's network. MD5: f2346530cd715498efc9b80bc827cd97

  17. 21 Oct 2019
  18. 8 Aug 2019

    Virusbay blog is finally up! We begin with decryption of ransomware / by : and additional 2 parts blog / by , who’s also one of our Divers, about KLSL0T! Enjoy!

  19. 2 Feb

    toolkit is actually work of called - the group actually deployed Turla using Iran C2 poison frog which Turla grouped used their own implants on and tools which are likely Iranian but no actual evidence yet

  20. 19 Jan

    is being attacked by the espionage group! Turla exclusively attacks high-profile political targets and is known for giving defenders serious after its discovery.
