The computers of the IAEA have been infected by malware. The nuclear agency holds sensitive information from many European states and is an active actor in the fight against nuclear weapons. It appears that the malicious software, once installed, was able to transfer information from the USB drives of any visitors to the office in Vienna. The thumb drive, though, was not the vector but the victim in this infection.
Microsoft's Digital Crimes Unit has introduced a cloud-based technology to help organizations worldwide fight malware. Called the Windows Azure-based Cyber Threat Intelligence Program (C-TIP), it will allow interested parties to share information in real time. Microsoft still advises using the Malicious Software Removal Tool to clean infected computers; the new C-TIP takes this effort to a new level.
ZMap is a security tool able to scan the entire internet in a matter of seconds. Unlike Nmap, which looks for multiple ports on a range of IP addresses, ZMap does the inverse: it searches the entire IPv4 address space on a single port.
For those interested, the tool is here.
If they publicly say they can decrypt al-Qaeda messages, maybe they truly can't.
It was dubbed DarkSeoul, not because Seoul is a dark city, but because this malicious software was targeting South Korean assets. The malware has infected many corporations, searching machines for credentials with root access to servers. US-CERT has released a document describing this attack in detail.
Weeks ago, Microsoft announced that it had successfully disrupted the Citadel malware. This malware was designed to steal banking credentials by capturing keystrokes, video or snapshots (interesting). It contains the full source code of the Zeus Trojan. Instructions on how to remove this crimekit with Microsoft Safety Scanner are explained by HKCERT.
After restarting my computer today, it automatically reset the time to an outdated one. I was eager to check my Gmail and Facebook accounts, but while entering the URL in the browser I got the following error: The certificate will not be valid until 5/18/12 3:00 AM. The current time is 1/1/01 8:44 PM.
(Error code: sec_error_expired_issuer_certificate).
My machine had 1/1/01 set as the date, meaning that many web servers could not authenticate to my web browser because of an outdated time leading to expired certificates. The only way to fix it was to adjust the time accordingly, and then I enjoyed my Facebook again and again.
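The validity-window check behind that error, as an added example (not code from the original post): it compares each certificate's `notBefore`/`notAfter` with the clock and flags the case where every certificate in the chain looks "not yet valid", which points at the system clock rather than at the site. The chain and its dates are constructed, laid out like the dictionaries Python's `SSLSocket.getpeercert()` returns, and the verdict names are assumptions.

```python
import ssl
from datetime import datetime, timezone


def window_status(cert, now):
    """Compare one certificate's validity window with the clock reading `now`."""
    start = ssl.cert_time_to_seconds(cert["notBefore"])
    end = ssl.cert_time_to_seconds(cert["notAfter"])
    ts = now.timestamp()
    if ts < start:
        return "not-yet-valid"
    if ts > end:
        return "expired"
    return "valid"


def diagnose_chain(chain, now):
    """Return (verdict, per-certificate statuses) for a leaf-to-issuer chain."""
    statuses = [window_status(cert, now) for cert in chain]
    if all(s == "valid" for s in statuses):
        verdict = "ok"
    elif all(s == "not-yet-valid" for s in statuses):
        # Every certificate starts in the "future": suspect the local clock
        # (for example a reset after a restart) before suspecting the site.
        verdict = "check-system-clock"
    else:
        verdict = "certificate-problem"
    return verdict, statuses


# Constructed sample chain; the dates are illustrative, not from a real site.
SAMPLE_CHAIN = [
    {"notBefore": "May 18 03:00:00 2012 GMT", "notAfter": "May 18 03:00:00 2013 GMT"},
    {"notBefore": "Jan  1 00:00:00 2010 GMT", "notAfter": "Jan  1 00:00:00 2020 GMT"},
]
RESET_CLOCK = datetime(2001, 1, 1, 20, 44, tzinfo=timezone.utc)    # clock after the reset
CORRECT_CLOCK = datetime(2012, 6, 1, 12, 0, tzinfo=timezone.utc)   # clock after adjusting it

if __name__ == "__main__":
    for clock in (RESET_CLOCK, CORRECT_CLOCK):
        print(clock.isoformat(), diagnose_chain(SAMPLE_CHAIN, clock))
```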