Month: November 2017

SEO in the Service of Hackers

Delaware, USA – November 3, 2017 – Adversaries are leveraging a new technique to infect victims. Researchers from Cisco Talos have discovered a botnet of more than 30 websites used to spread a new version of the Zeus Panda banking Trojan. Hacked sites are quite often used by attackers, for example, as a botnet for cryptocurrency miners […]

Creating Rules in IBM QRadar

In my previous article, I wrote about how to update your IBM QRadar. But operating any SIEM correctly involves more than updating the build or collecting and storing events from various data sources. The primary task of a SIEM is to identify security incidents. The vendor provides preconfigured detection rules for IBM QRadar, […]

ONI Outbreak: Ransomware or a Wiper?

Delaware, USA – November 1, 2017 – Cybereason shared the results of their current investigation, which reports another case of ransomware being used as a wiper. Unknown threat actors have been attacking medium and large Japanese organizations since December 2016. Using macros in malicious documents, they installed Ammyy Admin RAT and got full access […]

New APT Campaign Based on Silence Trojan

Delaware, USA – November 1, 2017 – Researchers from Kaspersky Lab have discovered a new APT attack using the Silence Trojan that targets financial institutions in Russia, Armenia and Malaysia. The attack started in July 2017 and continues to this day. Adversaries infiltrate the organizations’ networks through malicious CHM attachments in phishing emails. When the victim opened […]
