Attackers | DataProtectionCenter.com

Winnti returns with PlugX

15

Apr

2013

Continuing our investigation into Winnti, in this post we describe how the group tried to re-infect a certain gaming company and what malware they used. After discovering that the company’s servers were infected, we began to clean them up in conjunction with the company’s system administrator, removing malicious files from the corporate network. This took […]

Category General Written by Securelist / Blog 0 Comments

DNS Poisoning Hits Kenya Google, MSN, Skype…

15

Apr

2013

The Websense® ThreatSeeker® Network has detected that a DNS poisoning attack is happening in Kenya, with local big name websites in information technology targeted including Google, Bing, and LinkedIn. Although DNS records point to a page on behalf of the attackers that lets the browsing user know about the hack, it could easily be replaced with a malicious page at will. Below […]

Category Security Written by Websense 0 Comments

Winnti-Stolen Digital Certificates Used in Orphan Tibetan Refugee Children Caregivers Attack

12

Apr

2013

A new-ish Flash exploit has been on the loose for attacks around the web. This time, the attackers have compromised a caregiver site providing support for Tibetan refugee children and are spreading backdoors signed with Winnti stolen certificates delivered with Flash exploits – the compromised web site is the NGO “Tibetan Homes Foundation”. Previously, FireEye […]

Category General Written by Securelist / Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘Attackers’

Winnti returns with PlugX

DNS Poisoning Hits Kenya Google, MSN, Skype…

Winnti-Stolen Digital Certificates Used in Orphan Tibetan Refugee Children Caregivers Attack

Categories

Featured

Archives

Latest Comments

About Us

Contact Us