Security News: Advanced, 2015 W13-W14

Did a search or a ping bring you here? This is an index of thematic news items that I found interesting. I invite you to read the introductory post of this 'brief' (my personal watch) to see what it is about.

=> POS Malware Uses Time-Stamp Check to Evade Detection. 24/03/2015. «Recently we noticed new variants of Black POS that exhibit no behavior when executed in a synthetic environment. This inactivity in a sandbox promptly captured our attention. This new variant of Black POS checks the system time on the infected machine against the hardcoded time stamp on the executable (…).»
Source: blogs.mcafee.com/mcafee-labs/pos-malware-uses-time-stamp-check-to-evade-detection
Related posts:
23/03/2015. New malware program PoSeidon targets point-of-sale systems : www.computerworld.com/article/2900310/new-malware-program-poseidon-targets-pointofsale-systems.html
01/04/2015. NewPosThings Has New PoS Things : blog.trendmicro.com/trendlabs-security-intelligence/newposthings-has-new-pos-things/

=> Vulnerability Patching: Learning from AVG on Doing it Right. 24/03/2015. «As part of our research, we analyze the intricate relationship between Anti-Virus and Operating Systems (OS). During this process, we came across a vulnerability in AVG Internet Security 2015 build 5736 + Virus database 8919 released January 13th 2015 (…).»
Source: breakingmalware.com/vulnerabilities/vulnerability-patching-learning-from-avg-on-doing-it-right/

=> Hancitor Goes the Extra Mile on the Onion Route. 25/03/2015. «We have recently come across a piece of malware which is known as HanciTor (as ESET-NOD32 calls it) or Chanitor (based on the detection name given by Microsoft). The main purpose of this malware is to download other malware and maintain persistence on the system for further communication (…).»
Source: labs.bitdefender.com/2015/03/hancitor-goes-the-extra-mile-on-the-onion-route/

=> New banking trojan ‘Slave’ hitting Polish Banks. 26/03/2015. «We have spotted a new banking trojan in the wild that uses JSON formatted webinjects. After so many Zeus-like webinjects around, this was kind of refreshing. Currently this banker only has targets in Poland. We are analyzing injects, as they are capable of using ATS (…).»
Source: securityblog.s21sec.com/2015/03/new-banker-slave-hitting-polish-banks.html

=> Dyre/Dyreza: An Analysis to Discover the DGA. 30/03/2015. «Dyre is an example of banking malware exercising this same behavior by hooking itself into the victim’s browser to steal bank credentials. Talos has seen Dyre propagate through spam and phishing emails sent to users (…).»
Source: blogs.cisco.com/security/talos/threat-spotlight-dyre
Related posts:
02/04/2015. The Dyre Wolf Campaign: Stealing Millions and Hungry for More : securityintelligence.com/dyre-wolf/
02/04/2015. IBM MSS – The Dyre Wolf: Attacks on corporate banking accounts : portal.sec.ibm.com/mss/html/en_US/support_resources/pdf/Dyre_Wolf_MSS_Threat_Report.pdf
03/04/2015. Enterprise bank accounts targeted in new malware attack : www.computerworld.com/article/2905977/enterprise-bank-accounts-targeted-in-new-malware-attack.html
03/04/2015. Dyre Banking Malware A Million-Dollar Threat : threatpost.com/dyre-banking-malware-a-million-dollar-threat/112009
03/04/2015. ‘Dyre Wolf’ Malware Campaign Employs Social Engineering to Steal from Organizations : www.tripwire.com/state-of-security/latest-security-news/the-dyre-wolf-malware-campaign-employs-social-engineering-to-steal-from-organizations/

Published by

Gof

Digital lame duck; just interested, just passionate.