Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
Security researchers with Russian anti-virus company Doctor Web have examined a complex, multi-purpose backdoor for Linux. This malicious program can execute various commands issued by intruders such as to mount DDoS attacks and to perform a wide range of other malicious tasks. Learn more: - http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux 
No comment yet.
Sign up to comment
Scoop.it!
Sicherheitsforscher entdecken Hintertür zum Active Directory | Skeleton-Key-Backdoo
|
|
Scooped by Gust MEES |
Scoop.it!
Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.
Backdoor Regin, as researchers at security firm Symantec are referring to the trojan, bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that was programmed to disrupt Iran's nuclear program. Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.
To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files. Other modules appear to be tailored to specific targets. One such payload included code for monitoring the traffic of a Microsoft IIS server. Another sniffed the traffic of mobile telephone base station controllers.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum
- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar
- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA
- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO
Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.
Backdoor Regin, as researchers at security firm Symantec are referring to the trojan, bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that was programmed to disrupt Iran's nuclear program. Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.
To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files. Other modules appear to be tailored to specific targets. One such payload included code for monitoring the traffic of a Microsoft IIS server. Another sniffed the traffic of mobile telephone base station controllers.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=REGIN
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Warriorpride
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum
- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar
- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA
- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO
|
|
Rescooped by Gust MEES from 21st Century Learning and Teaching |
Scoop.it!
Bösartige Angreifer kapern Apache-Webserver und leiten deren Besucher auf Schad-Websites um. Die Tarnung der Malware ist fast perfekt.
Eine Hintertür, die von Administratoren nur schwer bemerkt werden kann, sorgt dafür, dass Internet-Anfragen an Apache-Server nicht in Logs aufgenommen werden. Die gesendeten http-Anfragen, die in Wirklichkeit einen Trojaner steuern, sind nicht ersichtlich. Der Rest des Angriffs läuft im Speicher ab, Bugfixes gibt es noch nicht.
29. April 2013 von Manfred Kohlen 0
Die Malware Linux/Cdorked.A ist eine raffinierte Hintertür, die alles tut, um den Internetverkehr auf schädliche Webseiten umzuleiten, schreibt Sicherheitsanbieter Eset in einer aktuellen Warnung. Der Schädling sei so gut, dass er laut eigener Analysen schon hunderte von Webservern unter seine Kontrolle gebracht habe.
|
|
Scooped by Gust MEES |
Scoop.it!
Tech chiefs are worried by the threat posed by IoT devices, which could provide a new way of attacking corporate networks.
Learn more:
- http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum
- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar
- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA
Tech chiefs are worried by the threat posed by IoT devices, which could provide a new way of attacking corporate networks.
Learn more:
- http://www.scoop.it/t/21st-century-learning-and-teaching/?tag=Internet+of+Things
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Internet+of+things
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Quantum
- http://www.scoop.it/t/securite-pc-et-internet/?tag=cyberwar
- http://www.scoop.it/t/securite-pc-et-internet/?tag=NSA
- http://www.scoop.it/t/securite-pc-et-internet/?tag=TAO
|
|
Scooped by Gust MEES |
Scoop.it!
Security researchers have released a report examining a social engineering operation designed to trick admins into installing backdoor malware called CrytoPHP by way of of tainted CMS plugins and themes for WordPress, Joomla and Drupal.
The attackers lure targets into publishing the pirated themes and plugins by providing them for free, offerings that usually incur a fee for use.
“After being installed on a webserver the backdoor has several options of being controlled which include command and control server communication, mail communication as well as manual control,” the researchers revealed.
Security researchers have released a report examining a social engineering operation designed to trick admins into installing backdoor malware called CrytoPHP by way of of tainted CMS plugins and themes for WordPress, Joomla and Drupal.
The attackers lure targets into publishing the pirated themes and plugins by providing them for free, offerings that usually incur a fee for use.
“After being installed on a webserver the backdoor has several options of being controlled which include command and control server communication, mail communication as well as manual control,”the researchers revealed.
|
|
Rescooped by Gust MEES from 21st Century Learning and Teaching |
Scoop.it!
Many poorly-secured company servers are exposed online, offering attackers ready made backdoors to wipe or steal data
Moore’s scan found 308,000 BMCs that used the problem protocol identified by Farmer. A total of 53,000 of them were configured in a way that allows access without a password; 195,000 stored passwords and other credentials unencrypted; 99,000 exposed encoded passwords that could be cracked by an attacker (Moore says that he unscrambled 10 percent in a preliminary test); 35,000 had vulnerabilities in the Universal Plug and Play protocol that Moore’s previous Internet scan highlighted.
Moore’s scan found 308,000 BMCs that used the problem protocol identified by Farmer. A total of 53,000 of them were configured in a way that allows access without a password; 195,000 stored passwords and other credentials unencrypted; 99,000 exposed encoded passwords that could be cracked by an attacker (Moore says that he unscrambled 10 percent in a preliminary test); 35,000 had vulnerabilities in the Universal Plug and Play protocol that Moore’s previous Internet scan highlighted.
Moore’s scan found 308,000 BMCs that used the problem protocol identified by Farmer. A total of 53,000 of them were configured in a way that allows access without a password; 195,000 stored passwords and other credentials unencrypted; 99,000 exposed encoded passwords that could be cracked by an attacker (Moore says that he unscrambled 10 percent in a preliminary test); 35,000 had vulnerabilities in the Universal Plug and Play protocol that Moore’s previous Internet scan highlighted.
This really should not surprise anyone given the current state of "security" that we have seen as of late.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux