InfoSec Week 7, 2017

Posted on 19 February 2017

Ukraine’s security service attributed Russia as an actor behind ongoing malware attacks against their critical infrastructure.

Researchers from the Georgia Institute of Technology have created a ransomware that targets programmable logic controllers.

An in-depth analysis of a Marcher Android banking trojan targeting financials mostly in Germany, France, UK. Most infected devices are running Android 6.0.1.!

First person narrative about a modus operandi of a red-team social engineer. Non so technical, more about the reconnaissance and the possibilities of a macro driven phishing.

Symantec and BAE Systems linked watering hole attacks on Polish Banks to the Lazarus Group.

Malware written in SQL, executed inside the database, targets Magento-powered online stores.

Data Selfie is a Chrome extension that logs what Facebook learns about you. It shows you your own data traces and reveal how machine learning algorithms use your data to gain insights about your personality. User data are stored only locally. Scary stuff! Try it.

theZoo is a repository of a malware samples for people interested in malware analysis. Be careful.

Malboxes is a tool which builds malware analysis Windows virtual machines automatically using VirtualBox and Vagrant.

Comments !