Exploit This

Security News, Exploits, and Vulnerabilities.

Ransomware in targeted attacks

Ransomware’s popularity has attracted the attention of cybercriminal gangs; they use these malicious programs in targeted attacks on large organizations in order to steal money. In late 2016, we detected an increase in the number of attacks, the main goal of which was to launch an encryptor on an organization’s network nodes and servers.

ATMitch: remote administration of ATMs

In February 2017, we published research on fileless attacks against enterprise networks. This second paper is about the methods and techniques that were used by the attackers in the second stage of their attacks against financial organizations – basically enabling remote administration of ATMs.

Lazarus Under The Hood

Today we’d like to share some of our findings, and add something new to what’s currently common knowledge about Lazarus Group activities, and their connection to the much talked about February 2016 incident, when an unknown attacker attempted to steal up to $851M USD from Bangladesh Central Bank.

Penquin’s Moonlit Maze

Moonlight Maze is the stuff of cyberespionage legend. In 1996, in the infancy of the Internet, someone was rummaging through military, research, and university networks primarily in the United States, stealing sensitive information on a massive scale. To say that this historic threat actor is directly related to the modern day Turla would elevate an already formidable modern day attacker to another league altogether.

Top 8 Reasons You Don’t Want to Miss SAS 2017

If you’ve never been to SAS, ask around. You really are missing out on the best security conference in the industry – and event where the best connections are made, high-quality discoveries are shared in a fun, casual atmosphere.

Dissecting Malware

From March 30 through April 2, 2017, one of them — Principal Security Researcher at Kaspersky Lab Nicolas Brulez — will deliver a course on the subject he has been training people around the world on for 12 years, malware reverse engineering.

How to succeed in online investigations and digital forensics

Maltego, the tool best known for deep data mining and link analysis, has helped law enforcement, intelligence agencies and others in security-related work since it was released in 2008. To benefit from using Maltego, come to SAS 2017 for intensive Digital Intelligence Gathering training from the experts who created the tool from scratch: there won’t be any questions that they can’t answer.

Caribbean scuba diving with IT-security in mind

Dare to submit your research proposal before December 1, 2016 to dive into undiscovered and uncharted cybercrimes, hacks, espionage and much more at the Security Analyst Summit.

%d bloggers like this: