The usual suspects

Credit to Author: Sharky| Date: Fri, 13 Dec 2019 03:00:00 -0800

One morning Wilma, the print shop manager at a beer distributor, discovers that her computer has a virus. It’s no big deal — sometimes bad things happen to good computers — so she cleans up the system and gets on with her day.

But a few days later the system is infected again.

Considerably more annoyed this time, she contacts Betty (the company’s sole IT person) to get some assistance and make sure the system is 100% clean. After disinfecting the system, Betty checks the browser history and finds that someone has been making late-night visits to X-rated websites.

The question then becomes, Who is using company resources to watch porn? At most companies, suspicion would immediately fall on the nighttime cleaning crew. But the print shop is located in the warehouse, to which the cleaning crew doesn’t have access.

New version of IcedID Trojan uses steganographic payloads

Credit to Author: Threat Intelligence Team| Date: Tue, 03 Dec 2019 18:06:13 +0000

We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.



The post New version of IcedID Trojan uses steganographic payloads appeared first on Malwarebytes Labs.

Throwback Thursday: See if you can wriggle out of this one

Credit to Author: Sharky| Date: Thu, 21 Nov 2019 06:00:00 -0800

It’s several years ago during a major virus outbreak — if you know your history of computer viruses, you can narrow it down — and a user at a remote site calls this pilot fish to complain that her computer won’t let her get any work done.

“I asked her if she had called the local technician — who worked for me — and she replied that she had called him numerous times but he had not picked up his phone,” says fish. “I told her I would take care of it.”

Fish calls his tech, who says he has spoken to the user each time she called and explained to her that he’ll help her as soon as he can, but he’s finishing work in another area.

That satisfies fish, who goes back to his own work. And soon he gets a message from his tech, sent from the irate user’s email account, reporting that the tech checked the user’s PC, found a virus and removed it, and updated the PC’s virus definitions. Case closed.

KKNPP Attack: Tracking the DTrack!

Credit to Author: Quick Heal Security Labs| Date: Mon, 04 Nov 2019 06:11:58 +0000

The recent cyber-attack on Kudankulam Nuclear Power Plant (KKNPP) has been confirmed by officials, and the security of critical infrastructure has once again become the talk of the cyber world. The officials mentioned that there is no damage to the plant's control systems, as the core processing controls are…

The infamous Spyware – Pegasus, The NSO Group and The WhatsApp snooping saga

Credit to Author: Prachi Sudame| Date: Sat, 02 Nov 2019 07:41:18 +0000

The Indian media is abuzz these days with news reports and allegations about snooping on several Indian citizens through a spyware named Pegasus, allegedly delivered through WhatsApp. It’s widely reported that Facebook Inc., the parent company of the popular messaging app WhatsApp, reached out to a few users from India (and other…
