Top IT Security Bloggers
Arbor Networks
-
Zyklon Season
Arbor NetworksThe ASERT research team has recently done some work reverse engineering a family of malware called “Zyklon H.T.T.P.” that is written using the .Net framework. Zyklon (German for “cyclone”) is a large, multi-purpose trojan that includes support for a variety of malicious activities, including several […] -
WannaCry
Arbor NetworksInformation regarding the WannaCry ransomware is spreading as quickly as the malware itself and is expected to do so throughout the weekend. This blog provides some information from our malware processing system that may, or may not be, available elsewhere. The WannaCry ransomware propagates by […] -
Greenbug’s DNS-isms
Arbor NetworksOver the past few months there has been a lot of research and press coverage on the Shamoon campaigns. These have been the attacks on Saudi Arabian companies where a destructive malware known as Disttrack was deployed. The malware, using stolen credentials, spreads throughout the […] -
Observed Spike in DDoS Attacks Targeting Hong Kong
Arbor NetworksIntroduction Each week ASERT produces a weekly threat intelligence bulletin for Arbor customers. In addition to providing insights into the week’s security news and reviewing ASERT’s threat research activities, we also summarize the weeks DDoS attack data as reported by over 330 global Internet Service […] -
Acronym: M is for Malware
Arbor NetworksA malware researcher known as Antelox recently tweeted about an unknown malware sample that caught our eye. Upon further investigation, it is a modular malware known as Acronym and could possibly be associated with the Win32/Potao malware family and the Operation Potao Express campaign. This […] -
Change All Your Passwords, Right Now!
Arbor Networksby Steinthor Bjarnason, Senior ASERT Security Analyst & Roland Dobbins, ASERT Principal Engineer CloudFlare are probably best known as a DDoS mitigation service provider, but they also operate one of the largest Content Delivery Networks (CDNs) on the Internet. Many popular Web sites, mobile apps, […] -
Change All Your Passwords, Right Now!
Arbor Networksby Steinthor Bjarnason, Senior ASERT Security Analyst & Roland Dobbins, ASERT Principal Engineer CloudFlare are probably best known as a DDoS mitigation service provider, but they also operate one of the largest Content Delivery Networks (CDNs) on the Internet. Many popular Web sites, mobile apps, etc. make use of the CloudFlare CDN, which hosts content […] -
Additional Insights on Shamoon2
Arbor NetworksIBM analysts recently unveiled a first look at how threat actors may have placed Shamoon2 malware on systems in Saudi Arabia. Researchers showcased a potential malware lifecycle which started with spear phishing and eventually led to the deployment of the disk-wiping malware known as Shamoon. Their research showcased a set of downloaders and domains that […] -
Flokibot Invades PoS: Trouble in Brazil
Arbor NetworksIntroduction Threat actors salivate at the thought of an increased volume of credit and debit card transactions flowing through endpoints they have compromised with card-stealing malware. While there are many distinct malware families that scrape unencrypted process memory to obtain cards, some of these malware capabilities overlap with generic information stealing trojans such as Flokibot […] -
Non-Government Organization in Support of Government Hopes
Arbor NetworksRed Team analysis is the process of viewing a situation from the perspective of an adversary thus providing insights beyond those that might otherwise be limited by normative biases. This blog provides an assessment of one company’s foray into the popular APT outing trend in the context of China’s cyber buildup and what that could […]