blog trackingRealtime Web Statistics linked Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘linked’

Elderwood Attack Platform Linked To Various Zero-Day Attacks

Researchers at Symantec have confessed that the Elderwood attack platform is at the middle of tons of zero-day attacks. These attacks were launched by a hacker crew this year. Over the past few years, the Elderwood platform was linked to a number of zero day exploits. It was used to target multiple sectors starting from the defense industry and the manufacturing industry to the organizations of human rights. Read More….

For more information go to, http://www., or

The post Elderwood Attack Platform Linked To Various Zero-Day Attacks appeared first on National Cyber Security.

View full post on National Cyber Security

aljazeeraamerica: Water pollution in four states linked to oil…

aljazeeraamerica: Water pollution in four states linked to oil and gas drilling In at least four states that have nurtured the nation’s energy boom, hundreds of complaints have been made about well-water contamination from oil or gas drilling, and pollution was confirmed in a number of them, according to a review that casts doubt on industry suggestions […]

View full post on The Cyber Wars

Somali gang linked to sex trafficking

e search warrant indicates the Somalian gangs force women into prostitution and then move them across state lines. Sources tell FIVE EYEWITNESS NEWS that as … ___________________________ Read More….

View full post on Select From Our Menu

New York Governor Linked To High-End Prostitution Ring

Gov. Eliot Spitzer’s political career teetered on the brink of collapse Monday after the corruption-fighting politician once known as “Mr. Clean” was accused… Read More….

View full post on Select From Our Menu

Police: Shooting Linked To

A man says he went to see a woman he met on, but instead was confronted by two men who he says shot him. Read More….

View full post on Select From Our Menu

Women linked to escort website

Three of four women who were found murdered in Detroit have been linked to an escort website. Read More….

View full post on Select From Our Menu

Antivirus startup linked to infamous Chinese hacker

Antivirus startup linked to infamous Chinese hacker ‘This may all be a strange coincidence or hoax,’ the reporter who discovered the link warned By Antone Gonsalves CSO – Anvisoft, a Chinese antivirus startup, has been linked to an infamous hacker suspected of developing sophisticated malware used to siphon sensitive information from Defense Department contractors in [...]

View full post on The Cyber Wars

Flashback Malware Mac Attacks Linked to Luckycat Hacker Campaign

Earlier this month, it was reported that a certain malware is infecting Mac OS X machines. The malware was identified as BackDoor.Flashback.39–a Trojan that targets an unpatched JavaScript codes (CVE-2011-3544, CVE-2008-5353 and CVE-2012-0507) vulnerabilities within Mac OS.  More than 600,000 Macs were said to be infected by the persistent malware.

Apple released two security updates to resolve the issue and is working on an antidote that would eliminate the threat as well as hunt the Trojan author but pundits aren’t happy with how Apple is handling the situation.  They want Apple to work faster, resolve the issue and make sure that nothing like this happens again.  But the threat is persistent.  And here’s why:  there’s a new malware in town.


Security experts recently identified a new breed of backdoor Trojans, the Backdoor.OSX.SabPub.a which Kaspersky Lab Expert Costin Raiu recently proved is linked to Luckycat–a campaign that targeted industries and/or communities from aerospace, energy, engineering, shipping, military research, and Tibetan activists.

Aside from the fact that both are backdoor Trojans, what links the two is the command-and-control (CC) at IP 199.192.152.* used in both of them.

As a typical procedure when a threat is identified, security experts create a fake system and infect it with the malware so they can observe how it works.  The first two days of observation were uneventful but the third day gave them quite a surprise.

“On the morning of Sunday April 15, the traffic generated by the CC changed,” Raiu explains.  “The attackers took over the connection and started analysing our fake victim machine. They listed the contents of the root and home folders and even stole some of the goat documents we put in there!”

Raiu is confident in their conclusion that SabPub has a real attacker that manually checks the infected machines and extracts data from them.

“It connects to a control server using HTTP, receiving commands from remote hackers as to what it should do,” Sophos Senior Technology Consultant Graham Cluley noted. “The criminals behind the attack can grab screenshots from infected Macs, upload and download files, and execute commands remotely.”

It is believed that the SabPub was created back in February of this year and spread thru spear-phising.  It was also reported that a second version of SabPub was found and believed to have been created last March.  And this is the malware that uses the Java exploits to wreak havoc in Macs.  Experts believe that there are more SabPub variations not yet found or will be released in the future.

Raiu also stated in one of his earlier posts that the attacks weren’t quickly identified as it was using ZelixKlassMaster, a flexible and quite powerful Java obfuscator to hide the attacks.

In the same vein:

Article source:

View full post on National Cyber Security » Virus/Malware/Worms

Likely Visa, MasterCard security breach linked to third-party processor

The credit card giants tell banks that a third-party payment processor may have been breached, causing the loss of tens of thousands of card numbers.

Add to digg
Add to StumbleUpon
Add to
Add to Google

View full post on SearchSecurity: Security Wire Daily News

View full post on National Cyber Security

BBC cyber-attack ‘linked to Iran’

The BBC says its Persian Service has been targeted by a sophisticated cyber-attack , being linked to other attacks on the channel which broadcasts to Iran.

View full post on cyber attack – Yahoo! News Search Results

View full post on National Cyber Security

Page 1 of 3123»

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?

Find Out More, Click Here!