SEARCH RESULTS
 
Identifying the Gpcode Ransomware Author

2008-09-30 17:23:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT regarding the campaigners behind the recent Gpcode targeted cryptoviral extortion attacks The individual is believed to be a Russian national, and has been in contact with at least one anti-malware company, Kaspersky Lab, in an attempt to sell a tool that could be used to decrypt victims' files. Kaspersky Lab set about locating the man...
 
 
 
 
 
Combating Unrestricted Warfare

2007-12-15 09:08:23 by HASH0x8472308 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT Through Botnets Corporate Espionage Through Botnets Overperforming Turkish Hacktivists Hacktivism Tensions - Israel vs Palestine Cyberwars The Current, Emerging, and Future State of Hacktivism Internet PSYOPS - Psychological Operations DDoS on Demand VS DDoS Extortion The Biggest Military Hacks of All Time
 
 
 
 
 
Anti-Malware Vendor's Site Serving Malware

2008-02-12 20:31:18 by HASH0x8b333c4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT style , the domain used to respond to an IP within RBN's previous infrastructure. The big picture is even more ugly as you can see in the attached screenshot indicating a huge number of different malwares that were using ntkrnlpa.info as a connection/communication host in the past and in the present. I wonder would the vendor brag about...
 
 
 
 
 
Statistics from a Malware Embedded Attack

2008-02-13 17:01:04 by HASH0x8bf8c1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT technique that given enough such stats are obtained and properly analyzed we'd easily come to a quantitative conclusion on a malware infected hosts per campaign/malware group in question In this particular case, 99% of the traffic for the last three days came from a single location that's using multiple IFRAMEs to make it hard to trace...
 
 
 
 
 
Uncovering a MSN Social Engineering Scam

2008-02-20 14:56:53 by HASH0x8b28420 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT data available, and earn higher-profit margins with the segmentation service offered to SPIMmmers Related posts MSN Spamming Bot DIY Fake MSN Client Stealing Passwords Thousands of IM Screen Names in the Wild Yahoo Messenger Controlled Malware
 
 
 
 
 
RBN's Phishing Activities

2008-02-27 13:20:49 by HASH0x8b05fb8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT techniques RBN URLs used in the phishing redirects 81.95.149.226/scm/us/wels/index.html 81.95.149.226/scm/uk/lloydstsb/personal/index.html 81.95.149.226/scm/cyprus/persmain.html 81.95.149.226/scm/au/westpac/index.html 81.95.149.226/scm/au/commonwealth 81.95.149.226/scm/au/warwickcreditunion/index.html...
 
 
 
 
 
Terror on the Internet - Conflict of Interest

2008-03-18 19:58:23 by HASH0x8471fd8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT and trust the source of the intell data of course. Now, picture the situation where an intelligence agency is shutting down cyber jihadist sites on a large scale not believing in the value that the intelligence data they could provide, another one given a mandate to censor cyber jihadist communities compiling reports stating that...
 
 
 
 
 
Massive IFRAME SEO Poisoning Attack Continuing

2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT manner. The main IPs within the IFRAMES acting as redirection points to the newly introduced rogue software and malware, remain the same, and are still active. The very latest high profile sites successfully injected with IFRAMES forwarding to the rogue security software and Zlob malware variants USAToday.com , ABCNews.com , News.com...
 
 
 
 
 
The Cyber Storm II Cyber Exercise

2008-04-03 12:29:03 by HASH0x8b6d0a8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...OSINT and conducting espionage through botnets Cyber warfare tensions engineering through the use of stepping stones Stolen and manipulated data is more valuable than destroyed data Lack of pragmatic blackhat mentality scenario building intelligence capabilities Unrestricted Warfare must be first understood as a concept, then anticipated as...