Tag: conference paper
-
VB2019 paper: Never before had Stierlitz been so close to failure (or: what is a Soviet super-spy doing in a popular bundleware for Mac?)
Over the years, many ‘potentially unwanted applications’ have plagued macOS in the same way they have plagued other platforms. Though anti-virus isn’t ubiquitous on Macs, detecting such PUAs usually isn’t a difficult problem. However, there are exceptions. One such exception is a popular yet unnamed piece of ‘bundleware’ that was analysed by Sophos researcher Sergei…
-
VB2019 paper: Exploring the Chinese DDoS landscape
China has long been a hotbed of DDoS activities, with several groups operating in this space and attacks being performed that are criminal in nature but that are also in line with the country’s geopolitical interests. In a paper presented at VB2019 in London, Intezer researcher Nacho Sanmillan explored the Chinese DDoS threat landscape. In…
-
VB2019 paper: Absolutely routed!! Why routers are the new bullseye in cyber attacks
Given their prominent position on home and corporate networks and their often poor standard of security, one might be forgiven for being surprised that massive attacks against routers didn’t really take off until a few years ago. The game changer in this space is generally seen to be the Mirai IoT botnet which, together with…
-
VB2019 paper: Operation Soft Cell – a worldwide campaign against telecommunication providers
In June this year, Cybereason published a blog post on Operation Soft Cell, a targeted attack against telecom providers around the world. The actors behind the operation are particularly interested in Call Detail Records (CDR) for specific high-value users, which give them valuable metadata on their communication and location. Prior to publishing their blog post,…
-
VB2019 paper: A study of Machete cyber espionage operations in Latin America
Latin America has long been a hotbed for cybercrime, but the region has also seen the activity of various APT groups. One of these groups makes use of ‘Machete’, a Python-based toolset. Machete dates back at least nine years and was first written about by Kaspersky in 2014. In August of this year, ESET published…
-
VB2019 paper: The push from fiction for increased surveillance, and its impact on privacy
Levels of anxiety over technology and interconnectedness are growing. People are becoming increasingly concerned about privacy, and wary that every gadget or app might be spying on them. But researchers Miriam Cihodariu (Heimdal Security) and Andrei Bogdan Brad (Code4Romania) wondered how much impact the misrepresentation of surveillance technology in fiction (films…
-
VB2019 paper: Oops! It happened again!
Different forms of malware and cyber threats are constantly making the news headlines, and one could be forgiven for thinking that threats like ransomware, fileless malware, rootkits and phishing are all new phenomena. But are they really? This is the question asked – and answered – by industry veterans Righard Zwienenberg (ESET) and Eddy Willems…
-
VB2019 paper: A vine climbing over the Great Firewall: a long-term attack against China
The global nature of both the Virus Bulletin conference and APT threats was highlighted by a VB2019 paper from Lion Gu and Bowen Pan from the Qi An Xin Threat Intelligence Center in China. In their paper, the researchers analysed an APT group dubbed ‘Poison Vine’, which targeted various government, military and research institutes in…
-
VB2019 paper: Fantastic Information and Where to Find it: A guidebook to open-source OT reconnaissance
Ever since Stuxnet was discovered almost a decade ago, ‘operational technology’, the use of computers to monitor or alter physical processes, has been part of the cybersecurity realm. Indeed, several threats have been discovered that targeted and, in some cases, damaged physical systems such as factories or the power grid.…
-
VB2019 paper: Domestic Kitten: an Iranian surveillance program
In September last year, researchers at Check Point uncovered an Iranian operation, which they named ‘Domestic Kitten’, that used Android apps for targeted surveillance. Active since 2016, the operation continued after this discovery with new malware found during the course of 2019. In a paper presented at VB2019 in London, Check Point researchers Aseel Kayal…