Analysis, Education, Information Security and Libraries

Malicious file analysis – Example 01

Security Affairs

AUGUST 9, 2022

Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022. My objective with this series of articles is to show examples of malicious file analysis that I presented during my lecture on BSides-Vitória 2022. Static Analysis x Dynamic Analysis.

Libraries

Libraries Metadata Education Security

New Android malicious library Goldoson found in 60 apps +100M downloads

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. It is important to highlight that the library was not developed by the authors of the apps.

Libraries

Libraries Data collection Education Security

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Security Affairs

FEBRUARY 11, 2022

FritzFrog P2P botnet is back and is targeting servers belonging to entities in the healthcare, education, and government sectors. The bot is written in Golang and implements wormable capabilities, experts reported attacks against entities in the government, education, and finance sectors. ” reads the report published by Akamai.

Education

Education Government Libraries Mining

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Google fixed the second actively exploited Chrome zero-day of 2023

Security Affairs

APRIL 19, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-12 [$1000][ 1430644 ] Medium CVE-2023-2137: Heap buffer overflow in sqlite.

Libraries

Libraries Education Access Cybersecurity

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 22, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

IT

IT Libraries Cybersecurity Education

Meet The Team Behind Mayhem: Come See Us At These Upcoming June 2023 Events

ForAllSecure

JUNE 7, 2023

Hartford CyberSecurity Summit Get ready for the very first Hartford Cyber Security Summit, where C-Suite and Senior Executives responsible for protecting their companies' critical infrastructures will connect with innovative solution providers and renowned information security experts.

Libraries

Libraries Sales Cybersecurity Education

Google fixed the first Chrome zero-day of 2023

Security Affairs

APRIL 14, 2023

The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11” reads the advisory published by Google. The vulnerability is a Type Confusion issue that resides in the JavaScript engine V8.

Libraries

Libraries Education Cybersecurity Security

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

Security Affairs

APRIL 13, 2023

The HTLM files are hosted on a legitimate online library website that was likely compromised by the threat actors sometime between the end of January 2023 and the beginning of February 2023. reads the analysis published by BlackBerry. One of the lures appeals to those who want to find out the Poland Ambassador’s schedule for 2023.

Libraries

Libraries Military Education Phishing

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

Security Affairs

JUNE 26, 2023

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The APT group is using almost exclusively living-off-the-land techniques and hands-on-keyboard activity to evade detection.

Cleanup

Cleanup Libraries Access Manufacturing

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

On March 7, 2023, the researchers found a Linux variant of the PingPull that was uploaded to VirusTotal, it had a very low detection rate (3 out of 62) “Despite a largely benign verdict, additional analysis has determined that this sample is a Linux variant of PingPull malware. ” reads the analysis published by Unit 42.

Communications

Communications Military Government Libraries

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 26, 2023

North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software New InfectedSlurs Mirai-based botnet exploits two zero-days SiegedSec hacktivist group hacked Idaho National Laboratory (INL) CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog Enterprise software provider TmaxSoft leaks 2TB of data (..)

Security

Security Ransomware Data breaches Libraries

Cyber espionage campaign targets Asian countries since 2021

Security Affairs

SEPTEMBER 13, 2022

” reads an analysis published by Symantec Threat Hunter team, part of Broadcom Software. The attackers used Dynamic-link library (DLL) side-loading to deliver the malicious code. Experts also shared details about an attack against a government-owned organization in the education sector in Asia.

Government

Government Access Libraries Education

Nodersok malware delivery campaign relies on advanced techniques

Security Affairs

SEPTEMBER 28, 2019

” reads the analysis published by Microsoft. About 3% of the infected systems belong to organizations in different sectors, including education, professional services, healthcare, finance, and retail. ” The Nodersok campaign has already infected thousands of machines in the last several weeks.

e-Delivery

e-Delivery Retail Libraries Education

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

Security Affairs

APRIL 6, 2021

In the recent campaign associated with Cycldek , Kaspersky observed that attackers targeted a legitimate component from Microsoft Outlook (FINDER.exe) by loading the malicious library outlib.dll that is used to hijacks the intended execution flow of the program to decode and run a shellcode placed in the rdmin.src binary file.

Military

Military Government Phishing Libraries

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

” reads the analysis published by FireEye. The group hit entities in several industries, including the gaming, healthcare, high-tech, higher education, telecommunications, and travel services industries. ” concludes the analysis. It continues parsing protocol layers including SCTP, SCCP, and TCAP.

Libraries

Libraries Education Risk Security

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

But how exactly will artificial intelligence help bridge the information security skills gap? And even with the help of machine learning algorithms, what kinds of security work is still best left to humans? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

The Evolution of Aggah: From Roma225 to the RG Campaign

Security Affairs

AUGUST 6, 2019

Few months ago we started observing a cyber operation aiming to attack private companies in various business sectors, from automotive to luxury, education, and media/marketing. Technical Analysis. The first one is “CM22vTup” and have been published by a Pastebin user named “ HAGGA ”, the same reported in the PaloAlto analysis.

Libraries

Libraries IT Education Security

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

But how exactly will artificial intelligence help bridge the information security skills gap? And even with the help of machine learning algorithms, what kinds of security work is still best left to humans? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

But how exactly will artificial intelligence help bridge the information security skills gap? And even with the help of machine learning algorithms, what kinds of security work is still best left to humans? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

Information Management Today

Malicious file analysis – Example 01

New Android malicious library Goldoson found in 60 apps +100M downloads

Webinars

Trending Sources

FritzFrog P2P Botnet is back and targets Healthcare, Education and Government Sectors

Webinars

Google fixed the second actively exploited Chrome zero-day of 2023

CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog

Meet The Team Behind Mayhem: Come See Us At These Upcoming June 2023 Events

Google fixed the first Chrome zero-day of 2023

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

China-linked APT group VANGUARD PANDA uses a new tradecraft in recent attacks

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Cyber espionage campaign targets Asian countries since 2021

Nodersok malware delivery campaign relies on advanced techniques

Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks

China-linked APT41 group targets telecommunications companies with new backdoor

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

The Evolution of Aggah: From Roma225 to the RG Campaign

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Stay Connected