Security Alerts & News
by Tymoteusz A. Góral

#1139 Nation-backed malware that infected energy firm is 1 of 2016’s sneakiest
A campaign that targeted a European energy company wielded malware that's so sneaky and advanced it almost certainly is the work of a wealthy nation, researchers said Tuesday.

The malware contains about 280 kilobytes of densely packed code that, like a ninja warrior, cleverly and stealthily evades a large number of security defenses. It looks for and avoids a long list of computer names belonging to sandboxes and honeypots. It painstakingly dismantles antiviruses one process at a time until it's finally safe to uninstall them. It takes special care when running inside organizations that use facial recognition, fingerprint scanners, and other advanced access control systems. And it locks away key parts of its code in encrypted vaults to prevent it from being discovered and analyzed.

Once the malware has gained administrative control of a computer, it uses its lofty perch to survey the connected network, report its findings to its operators, and await further instructions. From then on, attackers have a network backdoor that allows them to install other types of malware, either for more detailed espionage or potentially sabotage. Researchers from security firm SentinelOne found the malware circulating in an underground forum and say it has already infected an unnamed energy company in Europe.