Tag: vb2018

  • New paper: Botception: botnet distributes script with bot capabilities

    The Necurs botnet has been active for some time. In 2014, Virus Bulletin published a 3-part article by Peter Ferrie (1, 2, 3) who had studied the botnet in great detail. And although, as is typical for botnets, Necurs’ activities can be somewhat volatile, it has been used for some notorious…

  • VB2018 video: Behind the scenes of the SamSam investigation

    Yesterday, a federal grand jury in the US unsealed an indictment charging two Iranians with being behind the SamSam ransomware. SamSam has been one of the most successful ransomware campaigns in recent years, thanks to the clever targeting of specific organisations, including universities, hospitals and local governments. This targeting allowed the attackers to ensure the…

  • VB2018 video: Foreverdays: tracking and mitigating threats targeting civil society orgs

    Israel’s NSO Group is in hot water following a Haaretz report that revealed that the company negotiated with the Saudi government on the sale of its spyware, leading the local branch of Amnesty International to call for the firm’s export licence to be revoked. The list of targets of the group’s Pegasus spyware makes for…

  • VB2018 paper: Since the hacking of Sony Pictures

    Recent activity shows that the Lazarus Group, which became (in)famous through the Sony Pictures breach and the WannaCry attack, is still very much active and targeting financial institutions around the world. Perhaps unsurprisingly, the group, which is generally believed to be linked to the North Korean government, has also been very active in South Korea,…

  • VB2018 video: Shedding skin – Turla’s fresh faces

    “Capable, well-resourced, and they go back decades.” The Turla threat group doesn’t make the news as much as some other Russian-speaking APT groups, but it is one of the most advanced and most diverse groups out there. At VB2018 in Montreal, Kurt Baumgartner and Mike Scott from Kaspersky Lab’s GReAT detailed the latest malware…
