January 14, 2013
Rocra Espionage Malware Campaign Uncovered After Five Years of Activity
For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by researchers at Kaspersky Lab, focused not only on workstations, but mobile devices and networking gear to gain a foothold inside strategic organizations. Once inside, attackers pivoted internally and stole everything from files on desktops, smartphones and FTP servers, to email databases using exploits developed in China and Russian malware, Kaspersky researchers said.
Image via Securelist

June 4, 2012
Flame Malware C&C Timeline
Infographic via OpenDNS
Background:
"Researchers at Kaspersky Lab, domain registrar GoDaddy and OpenDNS have taken steps to cut off Internet access for machines infected with the Flame worm. In the process, the researchers say they uncovered a large and complex command and control infrastructure of more than 80 Web domains and collected clues that put the origins of Flame as early as 2008."
Continue reading at Threatpost.com

January 25, 2012
Who’s Spying on Whom?
Examples include hacks of RSA, Lockheed Martin, and Mitsubishi Heavy Motors as well as the sagas of Stuxnet and DigiNotar. 
Infographic via Popular Mechanics
