Posts

Cyber Weapon : Duqu

Cyber Weapon : Duqu I have been analyzing an  malware threat identified as the Duqu trojan. This Trojan horse has received a great deal of attention because it is similar to the infamous Stuxnet worm of 2010. I had put countermeasures in place  to detect Duqu C2 traffic, and they continue to monitor for new Duqu samples and update protections as needed. What is Duqu? The Duqu trojan is composed of several malicious files that work together for a malicious purpose. The first component is a Windows kernel driver that searches for and loads encrypted dynamic link library (DLL) files. The decrypted DLL files implement the main payload of Duqu, which is a remote access trojan (RAT). The RAT allows an adversary to gather information from a compromised computer and to download and run additional programs. In addition to the RAT, another piece of malware was recovered with Duqu in one instance. This malware is an information stealer designed to log user keystrokes and other ...

Cyber Security Strategy with focus on DDoS & APT’s

Evaluate Your Cyber Security Strategy with focus on DDoS & APT’s The Cyber Law Consulting Team(CLC) has observed cyber threats becoming more advanced as hackers seek new ways to breach information security or disrupt operations. Distributed Denial of Service (DDoS) attacks and Advanced Persistent Threats (APTs) are a big concern. Organizations must evaluate and develop their IT security controls to protect themselves from these sophisticated and unpredictable cyber-attacks. DDoS Attacks and DoS Attacks In a  Denial of Service attack , hackers try to disrupt a website, network or machine. The goal may be solely to prevent people from connecting to the website that is being attacked, but a Distributed Denial of Service (DDoS) attack is often used to distract a business so attackers can conduct other attacks behind the scenes while the business is focused on getting its website back up. Many times, hackers conduct a DDoS test-run on an organization to see whether it is ...

WordPress Blogging Site Vulnerabilities

WordPress Vulnerabilities WordPress is an open-source blogging platform and content management system (CMS). Since its inception in 2003, WordPress has become widely used and is very active. It is made up of more than 200,000 lines of code (written mostly in the PHP scripting language) and is used by more than  64 million websites  on the Internet. Although WordPress is considered a mature platform, regular updates address serious security vulnerabilities that may be used by an attacker targeting a WordPress site. WordPress vulnerabilities are even more of a threat when combined with recent large-scale brute-force attacks targeting WordPress websites. These threats are important considerations if you host a website on wordpress.com or use the platform on a different host. If you use WordPress, have you taken steps to secure your installation? Basic security precautions, a strong password policy, and a regular update schedule can have multiple benefits: Helps ensure you...

CYBER CRIME STATISTICS FOR 2013 & 2020

Every second at least 12 internet users in the WORLD fall victim to cyber criminals and the number keeps increasing every year, it has been revealed. A surge in viruses targeting mobile apps is a new disturbing trend in cyber-attacks.  A significant number attacks – 19 percent – target financial assets, while the number of cybercrimes organized with the purpose of mere mischief-making is now extr emely low.  According to one of the recent surveys by computer security firm Kaspersky Labs and B2B International, 62 percent of respondents had at least one incident of cybercriminals attempting to steal financial information.  The convenience of online shopping and banking services are among the major risk factors for end users According to experts at RSA security, cybercrime continues to improve its techniques and the way it organizes and targets victims. The RSA Anti-Fraud Command Center (AFCC) has developed the following list of the top cybercrime trends it expec...

Net neutrality slowly would expire..Google & fb to dominate

Net neutrality what it is? Net neutrality is an idea which stipulates that internet service providers (ISPs) only enable general web connectivity and cannot selectively connect to one website and not the other. Whether you are reading the news or browsing photographs on the web, you get the same internet speed. All ISPs open all (legal) websites whether they like it or not. They do not slow down access to Facebook or speed up access to YouTube. They do not charge extra money from Twitter or Flickr for speeding up connection to these websites. In sum, ISPs are content-agnostic. They just provide the connection at a speed for which a user is paying. Also, unlike cable TV where you have to pay for channels, for the internet you just pay for the connection. Net neutrality has some obvious advantages. It is great from the perspective of freedom of speech. It is up to a user to access what he wants on the web. But a bigger advantage of net neutrality is that it creates a level-playing fiel...