Cool News Story Bro! Week of 6-27-2014

by Otakun
Categories: News
Tags: No Tags
Comments: Leave a Comment

Another week, another news recap! Got some pretty interesting stuff for you guys this week.

  1. HackingTeam 2.0: The Story Goes Mobile

    1. First story of the day comes by the way of SecureList. This is part of their ongoing coverage of the HackingTeam’s (an Italian Company)  “legal” spyware tool suite known as “RCS” or Remote Control Systems. This article focuses on their mobile implementation of the spyware tools. Really good analysis here. Interesting read.
    2. Read More @ http://www.securelist.com/en/blog/8231/HackingTeam_2_0_The_Story_Goes_Mobile
  2. Cybercriminals targeting obsolete Japanese blogging tool

    1. Another story, courtesy of SecureList. We all known that popular blogging platforms are a target for cybercriminals. WordPress is fairly notorious in this regard. This is also true for a popular blogging platform from Japan, known as WDP or “Web Diary Professional”.  Since this product is no longer supported it’s even more of a target, and quite a few people still seem to be using it. This article looks at some of the more prominent issues with this tool.
    2. Read More @ http://www.securelist.com/en/blog/208214309/Cybercriminals_targeting_obsolete_Japanese_blogging_tool
  3. Hackers Recreate NSA Snooping Kit Using Off-the-shelf Parts

    1. Next, a story from DarkReading about an Open Source project aimed at replicating some of the hardware in the NSA Snooping Kit. Pretty self explanatory, goal of the project is to try and recreate some of the tools in the NSA’s arsenal using off-the-shelf components. Looking forward to seeing what comes out of this project.
    2. Read More @ http://www.darknet.org.uk/2014/06/hackers-recreate-nsa-snooping-kit-using-shelf-parts/
  4. Use the force Luuuk

    1. Another story by SecureList. This time, an analysis of the Luuuk Banking Fraud campaign that managed to steal more than half a million Euro in about a week, using the MITB (Man in the browser) attack.
    2. Read More @ http://www.securelist.com/en/blog/8230/Use_the_force_Luuuk
  5. A Glance Into the Neutrino Botnet

    1. This story, courtesy of McAfee Labs, takes a look into the Neutrino Botnet. As I’ve mentioned before, I tried to follow various exploit kits fairly closely as I find them rather interesting, so any chance I can get to read up on them I am more than happy to take.
    2. Read More @ http://blogs.mcafee.com/mcafee-labs/glance-neutrino-botnet
  6. Bypassing Windows 8.1 Mitigations using Unsafe COM Objects

    1. This was a really good read for anyone out there interested in Windows security. This details a Mitigation Bypass exploit for Windows 8.1 that was awarded a $100,000 bounty. Needless to say, that’s a pretty good cash-in, and fully deserved. Very interesting read.
    2. Read More @ http://www.contextis.com/blog/windows-mitigaton-bypass/
  7. Dropbox Abused in Targeted Attacks Using PlugX RAT With “Time Bomb”

    1. Last, but not least, an article over at SecurityWeek about a PlugX RAT variant that uses Dropbox in it’s C2 communication. This variant was discovered as part of a targeted attack campaign against a government agency in Taiwan.
    2. Read More @ http://www.securityweek.com/dropbox-abused-targeted-attacks-using-plugx-rat-time-bomb


Leave a Reply

Your email address will not be published. Required fields are marked *

Today is Monday