InfoSec Week 7, 2017

Posted on 19 February 2017

Ukraine’s security service named Russia as the actor behind ongoing malware attacks against its critical infrastructure.
http://www.reuters.com/article/us-ukraine-crisis-cyber-idUSKBN15U2CN

Researchers from the Georgia Institute of Technology have created ransomware that targets programmable logic controllers.
https://www.bleepingcomputer.com/news/security/researchers-create-poc-ransomware-that-targets-ics-scada-systems/
http://www.cap.gatech.edu/plcransomware.pdf

An in-depth analysis of the Marcher Android banking trojan, which targets financial institutions mostly in Germany, France and the UK. Most infected devices are running Android 6.0.1.
https://www.securify.nl/blog/SFY20170202/marcher___android_banking_trojan_on_the_rise.html

A first-person narrative about the modus operandi of a red-team social engineer. Not very technical; more about reconnaissance and the possibilities of macro-driven phishing.
http://www.informationsecuritybuzz.com/articles/getting-know-phishing-story-eyes-hacker/

Symantec and BAE Systems linked watering hole attacks on Polish banks to the Lazarus Group.
http://securityaffairs.co/wordpress/56235/apt/lazarus-group-polish-bank.html

Malware written in SQL, executed inside the database, targets Magento-powered online stores.
https://gwillem.gitlab.io/2017/02/14/triggered-malware/

Data Selfie is a Chrome extension that logs what Facebook learns about you. It shows you your own data traces and reveals how machine learning algorithms use your data to gain insights about your personality. User data are stored only locally. Scary stuff! Try it.
http://dataselfie.it/

theZoo is a repository of malware samples for people interested in malware analysis. Be careful.
https://github.com/ytisf/theZoo

Malboxes is a tool which builds malware analysis Windows virtual machines automatically using VirtualBox and Vagrant.
https://github.com/GoSecure/malboxes

