The Latest in IT Security

Posts Tagged ‘interesting network’

We recently came across a compromised website pushing out a payload that belongs to the Pushdo botnet, a botnet reportedly controlled by a well-funded Eastern European Cybercrime group. This botnet has often been closely associated with the Cutwail spam botnet. In the past, the Cutwail group would spam out payloads for the Pushdo botnet, which […]

Read more ...

Lately, we have seen a good number of samples generating some interesting network traffic through our automated framework. The HTTP network pattern generated contains a few interesting parameters, names like “&av” (for antivirus?) and “&vm=”(VMware?), The response received looked to be encrypted, which drew my attention. Also, all the network traffic contained the same host […]

Read more ...

[News from my colleagues in Russia, Aleksandr Matrosov and Eugene Rodionov.]Recently, we had a stroke of luck: our TDL tracker picked up a brand new plugin for TDL4 kad.dll (Win32/Olmarik.AVA) which we haven’t seen previously. It took some time to find out what it is intended to do. After some preliminary analysis we discovered that […]

Read more ...


Categories

WEDNESDAY, DECEMBER 11, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments