382 Computer Security Blog

[382] Macro’d Microphone Malware

(I’ve got to stop with this alliteration nonsense.) ArsTechnica reported today on findings by CyberX labs that over 600GB of data was obtained from 70 different targets in varying industries, including “critical infrastructure, news media, and scientific research.” Targets were mostly inside Ukraine, though a small number of targets were from Russia, Austria, and Saudi […]

[382] At This Point, It’s Getting Ridiculous

I’m always reticent to discuss politically-aligned matters in professionally-oriented spaces like this one. Not because I have any particular aversion to politics (my Twitter and Facebook pages would seem to indicate the exact opposite), but because I generally don’t believe it’s appropriate to discuss subjective matters (like politics) in places where you should be as objective as […]

[382] The Rise of Stateless Malware

ArsTechnica reported today on a new rash of bank-targeting malware infections which, unlike your average malware, are unique in that they store almost nothing on infected users’ disk drives, instead existing solely in a computer’s RAM. (What they do store in memory is relegated to small PowerShell commands in the Windows registry.) As a result, they are tremendously difficult […]

[382] How Google Mounted a Mirai Resistance

Last September, KrebsOnSecurity, the website of prominent security researcher Brian Krebs, found itself on the receiving end of what has been characterised as the largest DDoS ever, orchestrated by targeting a botnet composed of millions of IoT (internet-of-things) devices, like refrigerators and cameras, towards the website. For a time, KrebsOnSecurity lived thanks to pro-bono DDoS protection from Akamai, […]