Another week, another news post. So let’s get to it!
- First story of the week comes from Krebs on Security, as you can tell, we really like his work. This one is interesting. It’s about a new “search engine” for user account information obtained from data breaches. Goal seems to be to frighten people into paying to have their information removed. Very interesting read. I am sure we will be hearing more about this one in the future.
- Read More @ http://krebsonsecurity.com/2014/07/even-script-kids-have-a-right-to-be-forgotten/
- Next story is by FireEye blog that takes a look at an interesting piece of malware (a variant of Havex), that focuses on scanning OPC servers used for controlling SCADA (Supervisory Control and Data Acquisition) devices in critical infrastructure. We don’t see too many stories about SCADA specific malware, so this one was a pretty interesting read, and analysis.
- Read More @ http://www.fireeye.com/blog/technical/targeted-attack/2014/07/havex-its-down-with-opc.html
- Next, an article by Symantec that takes a look at the Neverquest/Snifula banking Trojan. It’s evolved a bit, so they highlight some of the changes in the new variant.
- Read More @ http://www.symantec.com/connect/blogs/neverquest-evolves-again-and-seeks-new-targets
- Next story is a good one. Apparently, a piece of Russian government authored malware, dubbed “Gyges” has been found on sale in underground forums. The malware itself seems fairly advanced, featuring a number of advanced anti-debugging/sandboxing techniques.
- Read More @ www.infosecurity-magazine.com/view/39387/invisible-governmentauthored-malware-makes-its-way-to-underground-forums