Analysis and Video - Information Management Today

How You Can Start Learning Malware Analysis

Lenny Zeltser

JANUARY 6, 2021

Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. Understand Where You Currently Fit Into the Malware Analysis Process. I like grouping them in 4 categories, which I detailed in the post Mastering 4 Stages of Malware Analysis.

Metadata

Metadata IT Access Security

Video Conferencing Apps Sometimes Ignore the Mute Button

Schneier on Security

APRIL 29, 2022

A Privacy Analysis of Mute Buttons in Video Conferencing Apps “: Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces — bedrooms, living rooms, and kitchens — into semi-public extensions of the office. New research: “ Are You Really Muted?:

Paper

Paper Privacy Personal data Access

Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites

Security Affairs

JANUARY 4, 2022

Threat actors used an unnamed cloud video platform to install an e-skimmer on more than 100 real estate websites belonging to the same parent company. Researchers from Palo Alto Networks documented a supply chain attack in which the attackers abused a cloud video platform to inject an e-skimmer hidden into video.

Cloud

Cloud IT Security Information Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

An RCE in Annke video surveillance product allows hacking the device

Security Affairs

AUGUST 27, 2021

Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by Annke. The vulnerability, tracked as CVE-2021-32941 can be exploited by an attacker to hack a video surveillance product made by Annke, a provider of home and business security solutions.

Cybersecurity

Cybersecurity IoT Access Manufacturing

3CX voice and video conferencing software victim of a supply chain attack

Security Affairs

MARCH 30, 2023

Popular voice and video conferencing software 3CX was the victim of a supply chain attack, SentinelOne researchers reported. As of Mar 22, 2023, SentinelOne observed a spike in behavioral detections of the 3CXDesktopApp, which is a popular voice and video conferencing software product.

File names

File names Manufacturing Libraries Cybersecurity

Stealing videos from VLC

Security Affairs

MARCH 26, 2020

Technical analysis: Let’s assume a scenario where Bob & Alice are sharing a video over the WiFi using vlc-iOS, Eve could perform this attack by crawling the source IP address of Bob which would list the URL’s of the videos shared between Bob & Alice. Pierluigi Paganini. SecurityAffairs – VLC, hacking).

Authentication

Authentication Security IT

Analysis: Huawei 5G Dilemma

Data Breach Today

JANUARY 17, 2020

Plus: An update on a mobile app exposing infant photos and videos online and an analyst's take on the future of deception technology. The latest edition of the ISMG Security Report discusses why Britain is struggling to determine whether to use China's Huawei technology in developing its 5G networks.

Security

Security IT

Guardzilla Security Video System Footage exposed online

Security Affairs

DECEMBER 29, 2018

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. ” reads the analysis published by Rapid7. ” read a post published by 0dayallday.org.

Security

Security IoT Passwords Access

Learning Malware Analysis and Cybersecurity Writing Online

Lenny Zeltser

APRIL 19, 2020

You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. Malware Analysis.

Cybersecurity

Cybersecurity Communications Access Security

Global Incident Response: The Rise of Integrity Attacks

Data Breach Today

AUGUST 3, 2021

Tom Kellermann on Emergence of New Destructive Attacks and Cloud Jacking Tom Kellermann calls it a new "Twilight Zone" - an era in which cybersecurity adversaries can unleash destructive attacks that manipulate time, data, audio and video.

Cybersecurity

Cybersecurity Cloud IT

Global Capture & IDP Vertical Market Analysis

Info Source

FEBRUARY 20, 2023

For example, an auto insurance claim often involves an e-form for the FNOL, plus paper based or digital documents covering the police report and the assessment of the repair shop but also photos or video documentation of the damage. A key element of Intelligent Capture solutions is the automated Classification of business inputs.

Marketing

Marketing Artificial Intelligence B2B Paper

Own Your Own Government Surveillance Van

Schneier on Security

AUGUST 31, 2023

They can be used to monitor any of six different video inputs including a videoscope camera. Multiple Sony DVD-based video recorders store footage captured by cameras, audio recorders by high-end equipment brand Marantz capture sounds, and time and date generators sync gathered media up for accurate analysis.

Government

Government Sales IT Privacy

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. video streams that are viewed). ” continues the analysis. This user seems to at least have permissions to access/view video streams.” Open questions: Who runs these servers?

Cloud

Cloud Manufacturing Passwords IoT

NYPD Body Cam Data Shows the Scale of Violence Against Protesters

WIRED Threat Level

JULY 20, 2023

A landmark $13 million settlement with the City of New York is the latest in a string of legal wins for protesters who were helped by a video-analysis tool that smashes the “bad apple” myth.

Security

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

APRIL 15, 2024

YouTube Video 1 , YouTube Video 2 ). Team82 and Claroty have been unable to verify the attackers’ claims, however, they conducted a detailed analysis of the Fuxnet malware relying on information provided by the attackers. ” reads the analysis published by Claroty. All servers have been deleted.

IoT

IoT Access Communications Military

6 Ways AI Can Revolutionize Digital Forensics

Dark Reading

AUGUST 29, 2023

Artificial intelligence tools can automate the analysis of logs, video, and other important but tedious aspects of investigations.

Artificial Intelligence

Japan’s JPCERT warns of new ‘MalDoc in PDF’ attack technique

Security Affairs

AUGUST 28, 2023

” Below is a watch video that shows this attack technique: The JPCERT experts say that the OLEVBA analysis tool for malicious Word files can be used to detect malicious files crafted to carry out this attack technique However, popular PDF analysis tools like ‘pdfid’ may be not able to detect the malicious file.

IT

IT Security Information Security

MY TAKE: lastwatchdog.com receives recognition as a Top 10 cybersecurity webzine in 2021

The Last Watchdog

NOVEMBER 3, 2021

Visit Last Watchdog to view videos, surf cyber news, gain informative analysis and read guest essays from leading lights in the cybersecurity community. Here is their very gracious description of what Last Watchdog is all about: Founder, contributor and executive editor of the forward-thinking Last Watchdog webzine, Byron V.

Cybersecurity

Cybersecurity Privacy Data breaches Ransomware

Celebrating World eDiscovery Day

eDiscovery Law

DECEMBER 7, 2023

Our e-Discovery Analysis & Technology Group is continuing a series of Q&A videos to mark the occasion. Today, we celebrate World e-Discovery Day, an annual industry-wide event for lawyers and legal professionals to highlight the critical role e-discovery plays in our legal system.

e-Discovery

e-Discovery Artificial Intelligence Marketing

Unixfreaxjp at #R2CON2020 presented shellcode basics for radare2

Security Affairs

NOVEMBER 17, 2020

Shellcode play an essential role in cyber attacks, the popular expert Unixfreaxjp explained how to utilize radare2 for variation of shellcode analysis. A good analysis tool can help you dissect a shellcode if the low-level language analysis operation is supported, as any shellcode is coded in assembly language. Video: [link] 2.

Libraries

Libraries IT Security Information Security

Windows DOS-to-NT flaws exploited to achieve unprivileged rootkit-like capabilities

Security Affairs

APRIL 22, 2024

“I discovered how a malicious actor—without admin privileges—could hide files and processes, hide files in archives, affect prefetch file analysis, make Task Manager and Process Explorer users think a malware file was a verified executable published by Microsoft, disable Process Explorer with a denial of service (DoS) vulnerability, and more.”

Archiving

Archiving Access Security Risk

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Krebs on Security

JUNE 21, 2020

KrebsOnSecurity obtained an internal June 20 analysis by the National Fusion Center Association (NFCA), which confirmed the validity of the leaked data. “Additionally, the data dump contains emails and associated attachments,” the alert reads.

Archiving

Archiving Government Risk Security

Emerging Ransomware Targets Photos, Videos on Android Devices

Threatpost

JUNE 24, 2020

The CryCryptor malware strain is a brand-new family of threats, leveraging COVID-19 to spread.

Ransomware

Ransomware Government Security

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices.

Honeypots

Honeypots Authentication Security IT

Security bug in Swann IoT Camera allowed to access video feeds

Security Affairs

JULY 29, 2018

Security experts have discovered a security glitch in Swann IoT camera that could be exploited by attackers to access video feeds. The affected camera model it a battery-powered HD camera that implements video streaming feature either directly over the local network or via a cloud service. Pierluigi Paganini.

IoT

IoT Access Security Cloud

Experts spotted browser malicious extensions for Instagram, Facebook and others

Security Affairs

DECEMBER 17, 2020

. “The extensions which aid users in downloading videos from these platforms include Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock, and other browser extensions on the Google Chrome Browser, and some on Microsoft Edge Browser.” Works fast. Odnoklassniki UnBlock.

Phishing

Phishing IT Security Information Security

Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Security Affairs

JULY 9, 2023

” reads the analysis published by Pradeo. Unfortunately, in recent years, multiple malicious apps have been found available through the official Google Play Store, highlighting the need to refine the app analysis processes during the publishing phase and throughout the entire lifecycle within app stores.

Cybersecurity

Cybersecurity Security Information Security IT

Security Researchers Sound Alarm on Smart Doorbells

Dark Reading

NOVEMBER 23, 2020

A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.

Security

Security Risk

Russians Shut Down Huge Card Fraud Ring

Krebs on Security

MARCH 26, 2020

A still image from a video of the raids released by the Russian FSB this week shows stacks of hundred dollar bills and cash counting machines seized at a residence of one of the accused. biz , a carding site whose slick video ads were profiled in a KrebsOnSecurity post last year. Among them is MrWhite[.]biz KNOW YOUR FRAUDSTER.

Retail

Retail Insurance Cybersecurity Data breaches

How You Can Write Better Threat Reports

Lenny Zeltser

JULY 1, 2020

How can you persuade the readers that your analysis is sound? I’m happy to share what I’ve learned over the years about writing effective threat reports in the following 36-minute video. How should you decide what details to include? How might you address the needs of multiple audiences?

Phishing

Phishing Cybersecurity IT Information Security

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

The Security Ledger

FEBRUARY 21, 2024

Episode 254: Dennis Giese’s Revolutionary Robot Vacuum Liberation Movement In this episode of The Security Ledger Podcast (#256) Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML) , about that group’s latest report: an Architectural Risk Analysis of Large Language Models.

Artificial Intelligence

Artificial Intelligence Risk Military Security

CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week

Security Affairs

FEBRUARY 22, 2024

Cybersecurity researchers from Huntress published a technical analysis of the ConnectWise vulnerability. Below is a video PoC of the exploit created by Huntress researchers, it performs the simple authentication bypass and demonstrates how to achieve remote code execution. immediately to apply a patch. ” said Sophos.

Authentication

Authentication Cybersecurity Cloud Ransomware

Weekly Update 211

Troy Hunt

OCTOBER 2, 2020

for free immediate analysis! Sponsored by: Tines. 22% of breaches begin with phishing (DBIR 2020). Submit suspicious emails and attachments to Phish.ly

Phishing

Phishing IT

The “P” in Telegram stands for Privacy

Security Affairs

FEBRUARY 12, 2021

211334) Stable) which stores the local copy of received message (audio/video) on a custom path even after those messages are deleted/disappeared from the secret chat. In the video proof-of-concept the user receives a self-destructed message in the secret chat option, which gets stored even after the message is self-destructed. .

Privacy

Privacy Security Information Security IT

China-linked Winnti APT targets South Korean Gaming firm

Security Affairs

APRIL 22, 2020

China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity, QuoIntelligence (QuoINT) firm reported. Security experts from QuoIntelligence (QuoINT) firm reported that China-linked Winnti cyberespionage group targets South Korean video gaming company Gravity. a South Korean video game company.”

Healthcare

Healthcare Communications IT Security

Using AI to Scale Spear Phishing

Schneier on Security

AUGUST 13, 2021

Researchers are using GPT-3 to attempt to solve that problem: The researchers used OpenAI’s GPT-3 platform in conjunction with other AI-as-a-service products focused on personality analysis to generate phishing emails tailored to their colleagues’ backgrounds and traits.

Phishing

Phishing Risk IT Artificial Intelligence

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Security Affairs

JUNE 8, 2023

Researchers from Singapore-based cybersecurity firm Numen Cyber have published a detailed analysis of the vulnerability along with a proof-of-concept (PoC) exploit that works against Windows Server 2016. ” reads the analysis published by the experts. . ” reads the analysis published by the experts.

Risk

Risk Cybersecurity Security Access

Sophisticated Android spyware PhoneSpy infected thousands of Korean phones

Security Affairs

NOVEMBER 10, 2021

Unlike other surveillance software that attempts to exploit vulnerabilities on the device, PhoneSpy disguised itself as a harmless application with purposes ranging from learning Yoga to watching TV and videos, or browsing photos. The malware also allows an attacker to remotely control the infected mobile devices. .

Phishing

Phishing Access Communications IT

Celebrating e-Discovery Day: e-Discovery Exchange with Ellen Blanchard

eDiscovery Law

DECEMBER 1, 2022

To mark this occasion, the K&L Gates e-Discovery Analysis & Technology (“e-DAT”) Group is launching a series of Q&A videos with e-discovery industry veterans. In the first episode in […].

e-Discovery

Telegram flaw could have allowed access to users secret chats

Security Affairs

FEBRUARY 16, 2021

Experts at Shielder disclosed a flaw in the Telegram app that could have exposed users’ secret messages, photos, and videos to remote attackers. The experts discovered that sending a sticker to a Telegram user could have exposed his secret chats, photos, and videos to remote attackers.

Access

Access Libraries Encryption Security

Necro botnet now targets Visual Tools DVRs

Security Affairs

OCTOBER 12, 2021

Operators behind the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet have added a PoC exploit for Visual Tools DVR, a professional digital video recorder used in surveillance video systems. ” reads the analysis published by the experts. The analysis published by Juniper includes Indicators of Compromise (IoC).

Mining

Mining IT Security IoT

GoFetch side-channel attack against Apple systems allows secret keys extraction

Security Affairs

MARCH 25, 2024

We verify these guesses by monitoring whether the DMP performs a dereference through cache-timing analysis. ” The experts published a paper that includes details about their study, they also published a video PoC for the attack. Once we make a correct guess, we proceed to guess the next batch of key bits.

Libraries

Libraries Paper Access Security

Experts warn of a new malvertising campaign spreading the ChromeLoader

Security Affairs

MAY 26, 2022

Threat actors spread the malware via an ISO file masqueraded as a cracked video game or pirated movie or TV show. ” reads the analysis published by the experts. ” continues the analysis.

Search queries

Search queries Cybersecurity Security IT

Google Project Zero discloses details of two Zoom zero-day flaws

Security Affairs

JANUARY 21, 2022

The experts focused the analysis on the RTP (Real-time Transport Protocol) traffic used for audio and video communications. ” reads the analysis published by Project Zero. ” continues the analysis. Project Zero experts also pointed out that the closed nature of Zoom also heavily impacted the analysis.

Communications

Communications Access Security Risk

How You Can Start Learning Malware Analysis

Video Conferencing Apps Sometimes Ignore the Mute Button

Webinars

Trending Sources

Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites

Webinars

An RCE in Annke video surveillance product allows hacking the device

3CX voice and video conferencing software victim of a supply chain attack

Stealing videos from VLC

Analysis: Huawei 5G Dilemma

Guardzilla Security Video System Footage exposed online

Learning Malware Analysis and Cybersecurity Writing Online

Global Incident Response: The Rise of Integrity Attacks

Global Capture & IDP Vertical Market Analysis

Own Your Own Government Surveillance Van

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

NYPD Body Cam Data Shows the Scale of Violence Against Protesters

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

6 Ways AI Can Revolutionize Digital Forensics

Japan’s JPCERT warns of new ‘MalDoc in PDF’ attack technique

MY TAKE: lastwatchdog.com receives recognition as a Top 10 cybersecurity webzine in 2021

Celebrating World eDiscovery Day

Unixfreaxjp at #R2CON2020 presented shellcode basics for radare2

Windows DOS-to-NT flaws exploited to achieve unprivileged rootkit-like capabilities

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Emerging Ransomware Targets Photos, Videos on Android Devices

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security bug in Swann IoT Camera allowed to access video feeds

Experts spotted browser malicious extensions for Instagram, Facebook and others

Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Security Researchers Sound Alarm on Smart Doorbells

Russians Shut Down Huge Card Fraud Ring

How You Can Write Better Threat Reports

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week

Weekly Update 211

The “P” in Telegram stands for Privacy

China-linked Winnti APT targets South Korean Gaming firm

Using AI to Scale Spear Phishing

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Sophisticated Android spyware PhoneSpy infected thousands of Korean phones

Celebrating e-Discovery Day: e-Discovery Exchange with Ellen Blanchard

Telegram flaw could have allowed access to users secret chats

Necro botnet now targets Visual Tools DVRs

GoFetch side-channel attack against Apple systems allows secret keys extraction

Experts warn of a new malvertising campaign spreading the ChromeLoader

Google Project Zero discloses details of two Zoom zero-day flaws

Stay Connected