What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-10-30 12:33:00 | Fear the Reaper? Experts reassess the botnet\'s size and firepower (lien direct) | Security researchers now say the botnet could be only as big as 28,000 infected devices, but warn that the figure could balloon in size at any given time. | APT 37 | ||
 |
2017-10-27 20:39:21 | Fear the Reaper, or Reaper Madness? (lien direct) | Last week we looked at reports from China and Israel about a new "Internet of Things" malware strain called "Reaper" that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorders (DVRs). Now some botnet experts are calling on people to stop the "Reaper Madness," saying the actual number of IoT devices infected with Reaper right now is much smaller. Arbor Networks said it believes the current actual size of the Reaper botnet fluctuates between 10,000 and 20,000 bots total. Arbor notes that this can change any time. | Cloud | APT 37 | |
 |
2017-10-26 14:15:38 | eSentire Security Advisory: Reaper IoT Botnet (lien direct) | The ISBuzz Post: This Post eSentire Security Advisory: Reaper IoT Botnet | Cloud | APT 37 | |
 |
2017-10-25 23:00:16 | Future attaque ? Le petit frère de Miraim, Reaper, collecte ses objets connectés (lien direct) | >Reaper, un nouveau botnet visant des objets connectés, emmagasinerai des informations pour une future attaque. Reaper, une... Cet article Future attaque ? Le petit frère de Miraim, Reaper, collecte ses objets connectés est diffusé par Data Security Breach. | Cloud | APT 37 | |
 |
2017-10-25 18:33:18 | Hackers Prepping IOTroop Botnet with Exploits (lien direct) | Researchers warn that hackers have weaponized a vulnerability that could be used in an IOTroop (or Reaper) attack, bringing the likelihood of an attack one step closer. | Cloud | APT 37 | |
 |
2017-10-24 16:14:49 | Reaper IoT botnet could be more devastating than Mirai (lien direct) |  Think the Mirai botnet which launched a DDoS attack that knocked major websites offline last year was bad?
It's possible that you ain't seen nothing yet.
|
Cloud | APT 37 | |
|
2017-10-24 12:46:37 | After quietly infecting a million devices, Reaper botnet set to be worse than Mirai (lien direct) | Reaper is on track to become one of the largest botnets recorded in recent years - and yet nobody seems to know what it will do or when. But researchers say the damage could be bigger than last year's cyberattack. | Cloud | APT 37 | |
|
2017-10-23 19:42:42 | Reaper: Calm Before the IoT Security Storm? (lien direct) | It's been just over a year since the world witnessed some of the world's top online Web sites being taken down for much of the day by "Mirai," a zombie malware strain that enslaved "Internet of Things" (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks. Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware -- variously named "Reaper" and "IoTroop" -- that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already. Reaper isn't attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. | Cloud | APT 37 | |
 |
2017-10-21 00:49:26 | New Rapidly-Growing IoT Botnet Threatens to Take Down the Internet (lien direct) | Just a year after Mirai-biggest IoT-based malware that caused vast Internet outages by launching massive DDoS attacks-completed its first anniversary, security researchers are now warning of a brand new rapidly growing IoT botnet.
Dubbed 'IoT_reaper,' first spotted in September by researchers at firm Qihoo 360, the new malware no longer depends on cracking weak passwords; instead, it exploits
|
Cloud | APT 37 | |
 |
2017-10-20 09:30:39 | A Gigantic IoT Botnet Has Grown in the Shadows in the Past Month (lien direct) | Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices. [...] | Cloud | APT 37 | |
 |
2017-08-23 13:14:19 | NBlog August 23 - Information Security outreach (lien direct) |  Further to yesterday's ISO27k Forum thread and blog piece, I've been contemplating the idea of extending the security awareness program into an "outreach" initiative for Information Security, or at least viewing it in that way. I have in mind a planned, systematic, proactive approach not just to spread the information risk and security gospel, but to forge stronger more productive working relationships throughout the organization, perhaps even beyond. Virtually every interaction between anyone from Information Security and The Business is a relationship-enhancing opportunity, a chance to inform, communicate/exchange information in both directions, assist, guide, and generally build the credibility and information Security's brand. Doing so has the potential to:Drive or enhance the corporate security culture through Information Security becoming increasingly respected, trusted, approachable, consulted, informed and most of all used, rather than being ignored, feared and shunned (the "No Department");Improve understanding on all sides, such as identifying business initiatives, issues, concerns and demands for Information Security involvement, at an early enough stage to be able to specify, plan, resource and deliver the work at a sensible pace rather than at the last possible moment with next to no available resources; also knowing when to back-off, leaving the business to its own devices if there are other more pressing demands, including situations where accepting information risks is necessary or appropriate for various business reasons;Encourage and facilitate collaboration, cooperation and alignment around common goals;Improve the productivity and effectiveness of Information Security by being more customer-oriented - always a concern with ivory-tower expert functions staffed by professionals who think they (OK, we!) know best;Improve the management and treatment of information risks as a whole through better information security, supporting key business objectives such as being able to exploit business opportunities that would otherwise be too risky, while complying with applicable laws and regulations. |
Cloud | APT 37 | |
 |
2017-08-17 13:00:00 | The Upgraded AlienVault OTX API & Ways to Score Swag! (lien direct) | We've made a number of improvements to the depth of data in OTX recently, which are now available via the free API tool. Some of the API functions now include: Malware anti-virus and sandbox reports (example) A Whois API, including reverse whois and reverse SSL (example) View IP addresses that our telemetry indicates a specific network signature has fired on (example) The HTTP contents of a domain or URL (example), as well as finding all pages that link to it (example) Passive DNS history (example) Find malware samples that talk to a domain or ip (example) Retrieve malware samples by anti-virus detection (example) Lists of malicious URLs on domains (example) Download all indicators from users that you subscribe to (example) Find pulses based on the adversary, industry or keywords that interest you (example) What could you build? This depth of data could be used for countless things, but here are a couple of examples the API could used for: Actor Tracking Let’s say you want to get daily updates on an attacker that has targeted your sector before. With the new API, you will get a daily email on name servers they use, domain registration emails they use, and servers that have fired network alerts for their malware. Malicious File Alerting Another common task is when you want to know if files that pass your network or mail gateway (either at the MX or Inbox) are malicious. You can easily extract these files, then check them against OTX to see if they are malicious. Examples Our Python SDK page includes some simple examples of using the API, such as: Storing a feed of malicious indicators on OTX Telling if a Domain, IP, File hash or URL is malicious | Cloud | APT 37 | |
 |
2017-06-12 19:07:51 | An Introduction to VolUtility, (Mon, Jun 12th) (lien direct) | If you would like to practicememory forensics using Volatility but you dont like command line tools and you hate to remmber plugins then VolUtility is your friend. Volutility1is a web frontend for Volatility framework. Installation In this dairy, I will install VolUtlity on Linux SIFT2workstation. Update your SIFT workstation and install django margin-right:210.0pt">$ sudo apt-get update margin-right:0in"> Install MongoDB : In this dairy I am not going to discuss how to install MongoDB , for futher details about margin-left:.5in"> $ git clone https://github.com/volatilityfoundation/volatility $ cd volatility $ sudo python setup.py install margin-left:.5in"> $ git clone https://github.com/kevthehermit/VolUtility Configuration In this diary I am going to use the default config file volutility.conf.sample border:solid windowtext 1.0pt"> $ ./manage.py runserver 0.0.0.0:8000 width:400px" /> Enter a name for the session and the location of the memory image ,for the profile you can either specify it or you can choose autodetect, then click on submit button width:400px" /> You have to wait for few minutest till it finishes from processing the image, once it finished the status will change to Complete width:400px" /> To examine the image click on the session name , in this the dairy its SANS ISC width:400px" /> Now let width:400px" /> And you can of course filter your result using tools such as MS Excel. _______________________________________________________ [1] https://github.com/kevthehermit/VolUtility/wiki [1] https://digital-forensics.sans.org/community/downloads (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | Cloud | APT 37 | |
|
2016-06-17 10:00:38 | ScarCruft APT Group Used Latest Flash Zero Day in Two Dozen Attacks (lien direct) | The ScarCruft APT gang has made use of a Flash zero day patched Thursday by Adobe to attack more than two dozen high-profile targets in Russia and Asia primarily. | Cloud | APT 37 | |
 |
2016-06-14 03:00:49 | Don\'t Fear the Reaper – Getting the Most Out of Your Penetration Tests (lien direct) | PCI-DSS v3.2 will be in full-force this October. At that time, service providers will be required to complete penetration tests by an external third party twice a year. The term “service provider” leaves significant room for interpretation. Discuss PCI-DSS v3.2 with your QSA to determine how changes may impact your organization. Whether to be PCI […]… Read More | Cloud | APT 37 |
To see everything:
Our RSS (filtrered)
