Doki Backdoor Infiltrates Docker Servers in the Cloud
The malware is a new payload that uses Dogecoin wallets for its C2, and spreads via the Ngrok botnet. Continue reading Doki Backdoor Infiltrates Docker Servers in the Cloud
DGA (“Domain Generation Algorithm”) is a technique implemented in some malware families to defeat defenders and to make the generation of IOCs (and their use, for example to implement blacklists) more difficult. When a piece of malware has to contact a C2 server, it uses domain names or IP
[The post Simple DGA Spotted in a Malicious PowerShell was first published on /dev/random]
Continue reading Simple DGA Spotted in a Malicious PowerShell
We are happy to announce the release of CapLoader 1.8 today! CapLoader is primarily used to filter, slice and dice large PCAP datasets into smaller ones. This new version contains several new features that improve this filtering functionality even fur… Continue reading CapLoader 1.8 Released
Using an on-again, off-again strategy of C2 communication helps it hide from researchers. Continue reading Necurs Botnet Evolves to Hide in the Shadows, with New Payloads
Researchers say cryptojackers are bypassing ad-blocking software in an attempt to run in-browser cryptocurrency miner Coinhive. Continue reading Ad Network Circumvents Ad-Blocking Tools To Run In-Browser Cryptojacker Scripts
An academic paper to be presented today at IEEE posits that analysis of network signals provides a better early warning of malware infections than current practices. Continue reading Malware Network Communication Provides Better Early Warning Signal
Written by Avi Aminov and Or Katz Overview Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You’ve been waiting for the perfect time to contact… Continue reading Spotlight on Malware DGA Communication Technique
A compilation of notable security news and blog posts from the 4th of December to the 10th. This week, we talked about DGA, a rootkit, another malvertising campaign, and fake news about “smart drugs”.
Categories: Security world, Week in security
Tags: … Continue reading A week in security (Dec 04 – Dec 10)
Domain Generating Algorithms are in use by cyber criminals to prevent their servers from being blacklisted or taken down. The algorithm produces random-looking domain names. The idea is that two machines using the same algorithm will contact the same d… Continue reading Explained: Domain Generating Algorithm
Attackers behind the banking Trojan Vawtrak fortified it with a domain generation algorithm (DGA) and SSL pinning capabilities.
Continue reading Vawtrak Banking Trojan Adds DGA, SSL Pinning