Visual Investigations of Botnet Command and Control Behavior Infographic

Here is a really cool infographic developed by the director of researcher at Lancope. The original post can be found HERE.

In October, Tom Cross, Lancope’s Director of Research, presented a poster at Visualization for Cyber Security (VizSec) 2013 in Atlanta, GA . The poster included visualizations of the command-and-control channels of nearly two million botnet samples in an effort to help foster a better understanding of how botnets operate, and more effectively differentiate them from legitimate network traffic. The poster was created as a result of data analysis conducted by Lancope’s StealthWatch Labs research team. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

What is Cryptolocker and how to protect yourself

My buddy Aamir wrote a great post on Cryptolocker. The original can be found HERE.

Cryptolocker is malware that is categorized as ransomware. According to Wikipedia, “Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed” (Wikpedia).

Cryptolocker is dangerous because if you are infected with the malware, you are in danger of losing all your files that are local to your machine, including attached storage (USB drives) and connected network drives. The network drives or any other mass storage media that shows up as a drive letter could be corrupted by the malware. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (2 votes cast)

Cross-Platform Malware: A Growing Threat For Computers

The MobiStealth team created a infographic featuring a known cross-platform malware known as Koobface. Check out the research and infograph below. The original can be found HERE.

Computer Malware & Koofbace:
The mention of cross-platform malware may not cause too many heads to turn today, but in 2009, it was still a relatively unfamiliar threat. That is precisely why the notorious computer worm popularly known as Koobface managed to wreck so much havoc using social networking websites, email outlets and messenger services. Unlike other malware, it spared no OS, be it Windows, Mac, or even Linux. The computer worm proved to be a really hard nut for the security experts to crack, giving it plenty of time to expand its list of victims and snagging money off them. Take a look at our Koobface infographics to see what the greatest threat in malware history had been up to and what you can do to keep yourself off its list of victims. Continue reading
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Malwarebytes annouces FBI Ransomware Now Targeting Apple’s Mac OS X Users

Interesting release from Malwarebytes regarding a new type of ransomware that targets Mac systems. This goes to show that Macs can be infected with malware and most likely will continue to be a focus for malicious attacks as Apple wins marketshare. Yes, Windows based systems have more known malware in the wild however, Macs are not necessarily more secure as many people believe. The original article can be found HERE. Credit due to Jerome Segura (@jeromesegura), senior security researcher at Malwarebytes and the rest of his team.

For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Post NAC: Cisco Identity Services Engine (ISE) and Lancope StealthWatch for Total Access Control

Controlling who and what access your network is a critical element to keep your resources safe from malicious threats. Network Admission Control (NAC) solutions like the Cisco Identity Services Engine (ISE) can police who and what is permitted network access as well as enforce policy for those devices. Examples would be permitting an administrator with a government furnished Windows 7 laptop access to VLAN 10, which holds internal servers, while provisioning a marketing professional’s iPad with VLAN 20 access, which is limited to Internet and email through the use of ACLs. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Cisco’s Cyber Solutions – What Is Happening In Your Network

Watching Cisco’s Cyber Solutions – What Is Happening In Your NetworkToday’s threat landscape is loaded with malicious websites, malware and other risks that attack users every nanosecond of the day.  There isn’t a single product available that can guarantee protection from cyber threats. Older solutions leveraging static technologies such as signatures are not good enough. The best approach for dealing with advanced threats is continuously monitoring the entire network through layering security technologies. Continue reading

VN:F [1.9.22_1171]
Rating: 4.0/5 (1 vote cast)

Beating Signature Based Security – Dynamic Software That Obfuscates Malware

Most Security solutions leverage a combination of signature and behavior based technology (more HERE). This worked in the past however today these solutions are not good enough regardless if you layer multiple products that are built upon similar scanning methods. There are many ways to bypass point Security products such as throttling behavior and masking the known fingerprint of the attack code. A example of a technique used to hide malware from popular Anti-Virus packages is leveraging Dynamic Obfuscation software. Screen Shot 2012 12 10 at 9.53.38 AM Beating Signature Based Security – Dynamic Software That Obfuscates Malware

Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Why you should NOT use File Sharing services such as LimeWire and UTorrent : How to hide Malware / Rootkits in legitimate software.

 Why you should NOT use File Sharing services such as LimeWire and UTorrent : How to hide Malware / Rootkits in legitimate software.Free file sharing services such as LimeWire, FrostWire and UTorrent in most forms is illegal (note: there are legal sources however this post is focusing on file-sharing of pirated content). The cost of music, software and other applications are becoming more expensive to accommodate lost revenue caused by piracy spread through file sharing. As the price goes up to make up lost revenue, more people join file sharing networks. It’s a vicious cycle. There is however a more important reason besides ethics, law and cost to not be involved with file sharing services. Like my mother use to say … “nothing is free in this world”. Most of the pirated goods from file sharing you believe are free actually come at a very high price to your system and privacy. Continue reading

VN:F [1.9.22_1171]
Rating: 3.0/5 (2 votes cast)

Web Security Offerings From Cisco: Comparing Cisco NEW CX to IronPort Web Security Appliance WSA

 Web Security Offerings From Cisco: Comparing Cisco NEW CX to IronPort Web Security Appliance WSAToday’s Internet is a dangerous place. Imagine a small village with law and order surrounded by a wall keeping out miles of ungoverned ruthless territory. Most known websites surfed daily by your users make up a small percentage of the total Internet. The remaining 80% or more of uncategorized websites are contaminated with Botnets, malware and short-lived websites targeting your users. Many of these malicious websites are embedded in trusted sites such as social networks by hiding in advertisements or silly links posted by your friends. The best protection for this threat vector is limiting Internet usage to trusted websites and monitoring those websites for malicious applications. Continue reading

VN:F [1.9.22_1171]
Rating: 5.0/5 (11 votes cast)