CITADEL malware campaign disrupted

Weeks ago Microsoft announced it has successfully disrupted the citadel malware. This malware has been designed to steal banking credentials by capturing keystrokes , video  or snapshots(Interesting). It contains the full source code of Zeus Trojan. Instructions of how to remove this crimekit with Microsoft Safety Scanner are explained in the HKCERT .

Computer Time and Digital certificate

After restarting my computer today, It reset the time automatically to an outdated one. Eager I was to check my Gmail and Facebook account, while entering the URL in the browser I got the following errors : The certificate will not be valid until 5/18/12 3:00 AM. The current time is 1/1/01 8:44 PM. (ErrorContinue reading “Computer Time and Digital certificate”

Forensics Analysis of the USA labor site hacked

The site of the USA department of labor has been hacked, redirecting users and distributing malicious code. The intruders were able to disable certain antivirus vendor such as Avira and Avast if installed in the target computers. To Bypass this, just keep your antivirus up to date.  

A Standard for Incident response

Businesses are using the latest protection for their Infrastructure but are still facing threats. Once the breach has been discovered there are many steps to follow in order to keep the continuity of the operations, this process is called Incident response. Incident response is the set of actions and rules to follow in front ofContinue reading “A Standard for Incident response”

A small Look at FLAME , SKYWIPER

The security community has been tuned this week with the discovery of a new malware, Flame. It is a cyber weapon from the same family with Stuxnet and Duqu. Flame is a backdoor with 3000 lines of codes making it too difficult to be analyzed. It is a backdoor , a Trojan with worm capabilities.Continue reading “A small Look at FLAME , SKYWIPER”