Search by property
This page provides a simple browsing interface for finding entities described by a property and a named value. Other available search interfaces include the page property search, and the ask query builder.
List of results
- 1940 IPs for a BHEK/ULocker server - Nexcess-Net
- A DDoS family affair: Dirt Jumper bot family continues to evolve
- A chat with NGR Bot
- A new iteration of the TDSS/TDL-4 malware using DGA-based command and control
- A peek inside the Darkness (Optima) DDoS Bot
- A peek inside the PickPocket botnet
- A quick update on spambot Kelihos
- A study on botnet detection techniques
- Acquisition and analysis of volatile memory from Android devices
- Actually, my name is Duqu - Stuxnet is my middle name
- An analysis of Dorkbot’s infection vectors (part 2)
- An analysis of the cross-platform backdoor NetWeirdRC
- An interesting case of JRE sandbox breach (CVE-2012-0507)
- An overview of exploit packs
- Analyse de Xtreme RAT
- Analyse et poncage du botnet HerpesNet
- Analyse statique de Duqu stage 1
- Analyse statique de Duqu stage 2
- Analysis of DarkMegi aka NpcDark
- Analysis of TDL4
- Analysis of Ysreef (a variant of Tobfy)
- Analysis of a “/0” stealth scan from a botnet
- Analysis of functions used to encode strings in Flame (GDB script)
- Analysis of the Finfisher lawful interception malware
- Analyzing a new exploit pack
- Anaru malware now live and ready to steal
- Android malware pairs man-in-the-middle with remote-controlled banking trojan
- Android trojan used to create simple SMS spam botnet
- Android.Bmaster: A million-dollar mobile botnet
- Android.Counterclank found in official Android market
- Anonymous supporters tricked into installing ZeuS trojan
- Análisis del comportamiento de VOlk y sus funcionalidades
- Apple releases Java update; includes fix for vulnerability exploited by Flashback malware
- Apple zombie malware 'NetWeird' rummages for browser and email passwords
- Armenian Bredolab creator jailed for computer sabotage
- Attackers place Command and Control servers inside enterprise walls
- AutoIT ransomware
- Back to Stuxnet: the missing link
- Behind the Captcha or Inside Blackhole Exploit Kit 2.0 - Exploit Kit Administration Panel
- Blackhole & Cridex: season 2 episode 1: Intuit spam & SSL traffic analysis
- Blackhole Ramnit - samples and analysis
- Blackhole exploit kit v2 on the rise
- Blackhole, CVE-2012-0507 and Carberp
- Bot shopping with my wife
- BotGrep: finding P2P bots with structured graph analysis
- BoteAR: a “social botnet”- What are we talking about
- Botnet command server hidden in Tor
- Botnet shutdown success story - again: disabling the new Hlux/Kelihos botnet
- Boxer SMS trojan: malware as a global service
- Bredolab botmaster ‘Birdie’ still at large
- CVE-2012-4681 - On its way to Sakura Exploit Kit too
- CVE-2012-4681 - Redkit Exploit Kit - I want Porche Turbo
- CVE-2012-4681 - Связка Sweet Orange
- CVE-2012-5076 - Massively adopted - Blackhole update to 2.0.1
- Carberp gang evolution: CARO 2012 presentation
- Carberp steals e-cash vouchers from Facebook users
- Carberp, the renaissance ?
- Carberp-in-the-Mobile
- Carberp: it’s not over yet
- Case study of the Miner botnet
- China targets macs used by NGOs
- Citadel : le fichier de configuration
- Citadel V1.3.5.1: enter the fort’s dungeons
- Citadel ZeuS bot
- Citadel trojan malware analysis
- Citadel trojan touts trouble-ticket system
- Citadel: a cyber-criminal’s ultimate weapon?
- Confidential documents from Japanese politics stolen by malware
- Cool EK : "Hello my friend..." CVE-2012-5076
- Cool Exploit Kit - A new Browser Exploit Pack on the Battlefield with a "Duqu" like font drop
- Cool exploit kit - URL structure
- Covert channels over social networks
- Cracking the encrypted C&C protocol of the ZeroAccess botnet
- Crisis for Windows sneaks onto virtual machines
- Crypto breakthrough shows Flame was designed by world-class scientists
- Crypto experts called on to crack cyberspy tool's encryption
- Cutwail drives spike in malicious HTML attachment spam
- Cyber gang seeks botmasters to wage massive wave of trojan attacks against U.S. banks
- DDoS attacks: the Zemra bot
- DISCLOSURE: detecting botnet command and control servers through large-scale NetFlow analysis
- DNS: a botnet dialect
- DaRK DDoSseR leads to Gh0st RAT
- DarkMegi rootkit - sample (distributed via Blackhole)
- Darkmegi: this is not the Rootkit you’re looking for
- De code van Dorifel nader bekeken
- Digging inside Tinba malware - A walkthrough
- Digging into the Nitol DDoS botnet
- Dirt Jumper DDoS bot increasingly popular
- Disttrack malware overwrites files, infects MBR
- Disttrack sabotage malware wipes data at unnamed Middle East energy organization
- Doctor Web a détecté un botnet enrôlant plus de 550 000 Mac
- Doctor Web exposes 550 000 strong Mac botnet
- Domain generation algorithms (DGA) in stealthy malware
- Dorifel crypto malware paralyzes Dutch companies and public sector
- Dorifel is much bigger than expected and it’s still active and growing!
- Dorifel virus gereed voor Nederlandse banking phishing
- Dorifel/Quervar: the support scammer’s secret weapon
- Dorkbot: conquistando Latinoamérica
- Dutch users served Sinowal for lunch
- EURO Winlocker
- Emerging attack vectors - RSA slide deck
- Etude sur le fonctionnement du Trojan.Matsnu.1 codant les données des utilisateurs
- Exploring the market for stolen passwords
- FAQ on Kelihos.B/Hlux.B sinkholing
- Fake FBI Ransomware analysis
- Fast look at an infection by a Blackhole Exploit Kit 2.0
- Festi botnet analysis & investigation
- Flame, Duqu and Stuxnet: in-depth code analysis of mssecmgr.ocx
- Flame: replication via Windows Update MITM proxy
- Flamer analysis: framework reconstruction
- Flamer: highly sophisticated and discreet threat targets the Middle East
- Flamer: urgent suicide
- Flashfake Mac OS X botnet confirmed
- Fortiguard: Android/Stiniter.A!tr
- From Georgia, with love Win32/Georbot
- From Sakura to Reveton via Smoke Bot - or a botnet distribution of Reveton
- Full analysis of Flame's Command & Control servers
- Full analysis of Flame's command & control servers
- Gangstaservice Winlock Affiliate
- Gauss: Nation-state cyber-surveillance meets banking Trojan
- Gauss: abnormal distribution
- Get gamed and rue the day...
- Getting more "personal" & deeper into Cridex with parfeit credential stealer infection
- Gimemo finally targeting USA with Camera Feature too
- Gimemo wants to play in the big league
- Guys behind Gauss and Flame are the same
- Harvesting data on the Xarvester botmaster
- HerpesNet botnet 1.7
- IRC bot for Android
- Industrial espionage and targeted attacks: understanding the characteristics of an escalating threat
- Inside Andromeda Bot v2.06 Webpanel / AKA Gamarue - Botnet Control Panel
- Inside Blackhole Exploits Kit v1.2.4 - Exploit Kit Control Panel
- Inside Citadel 1.3.4.5 C&C & Builder - Botnet Control Panel
- Inside Impact exploit kit
- Inside Pony 1.7 / Fareit C&C - Botnet Control Panel
- Inside Smoke Bot - Botnet Control Panel
- Inside Smoke Bot - botnet control panel
- Inside Ulocker
- Inside Upas Kit (1.0.1.1) aka Rombrast C&C - Botnet Control Panel
- Inside an APT campaign with multiple targets in India and Japan
- Inside the Grum botnet
- Inside view of Lyposit aka (for its friends) Lucky LOCKER
- Insights into Win32/Bradop
- Interconnection of Gauss with Stuxnet, Duqu & Flame
- Introducing Ponmocup-Finder
- It’s 2012 and Armageddon has arrived
- It’s not the end of the world: DarkComet misses by a mile
- Java Runtime Environment 1.7 Zero-Day Exploit Delivers Backdoor
- Java Zero-Days and the Blackhole Exploit Kit
- Joint strike force against Dorifel
- Karagny.L unpack
- Kaspersky Lab et Seculert annoncent la récente découverte de « Madi », une nouvelle attaque de cyberespionnage au Moyen‑Orient
- Kelihos back in town using Fast Flux
- Kelihos is dead. Long live Kelihos
- Kelihos/Hlux botnet returns with new techniques
- Kelihos: not alien resurrection, more attack of the clones
- King of spam:Festi botnet analysis
- Koobface botnet master KrotReal back in business, distributes ransomware and promotes BHSEO service/product
- Large-scale analysis of malware downloaders
- Latest SpyEye botnet active and cheaper
- Learning stateful models for network honeypots
- Legal implications of countering botnets
- Library file in certain Android apps connects to C&C servers
- Long life to Kelihos!
- MP-DDoser: A rapidly improving DDoS threat
- MP-DDoser:Monitoring a rapidly improving DDoS threat
- MSRT April 2012: Win32/Claretore
- MSRT June '12 - cleanup on aisle one
- MSRT March 2012: breaking bad
- MSRT November '12 - Weelsof around the world
- MSRT September '12 - Medfos, hijacking your daily search
- MSRT march: three hioles in one
- Mac BackDoor.Wirenet.1 config extractor
- Mac Flashback exploiting unpatched Java vulnerability
- Madi is back - New Tricks and a new Command&Control server
- Mahdi malware finds 150 new targets including U.S. and Germany, gets more evasive
- Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode
- Malicious Apache module injects Iframes
- Malicious Apache module used for content injection: Linux/Chapro.A
- Malware 2 - from infection to persistence
- Malware Memory Analysis - Volatility
- Malware Uses Google Go Language
- Malware analysis Rannoh/Matsnu
- Malware analysis tutorial 32: exploration of botnet client
- Malware attacking POS systems
- Malware discovered developed with Google's "Go" programming language
- Malware hunting with the Sysinternals tools
- Malware targeting Windows 8 uses Google Docs
- McAfee Labs threat advisory : W32.Pinkslipbot
- Measuring botnet populations
- Meet CritXPack (Previously Vintage Pack)
- Meet ProPack Exploit Pack - yes that's a lot of pack
- Meet ‘Flame’, the massive spy malware infiltrating Iranian computers
- Members of the largest criminal group engaged in online banking fraud are detained
- Microsoft and financial services industry leaders target cybercriminal operations from ZeuS botnets
- Microsoft disrupts the emerging Nitol botnet being spread through an unsecure supply chain
- MoVP 1.3 Desktops, heaps, and ransomware
- Monkif botnet hides commands in JPEGs
- More Flame/Skywiper CNC behavior uncovered
- More details of the Dorifel servers
- Multitenancy Botnets thwart threat analysis
- NGRBot spreads via chat
- Necurs Quick Analysis
- Neosploit gets Java 0-Day
- Nepalese government websites compromised to serve Zegost RAT
- New Apple Mac trojan called OSX/Crisis discovered
- New Chinese exploit pack
- New Duqu sample found in the wild
- New Mahdi updates, new C2 server
- New Thor botnet nearly ready to be sold, price $8,000
- New Xtreme RAT attacks US, Israel, and other foreign governments
- New ransomware plays its victims an audio file, over and over and over…
- New trojan found: Admin.HLP leaks organizations data
- New virus SMSZombie.A discovered by TrustGo Security Labs
- Newly detected Crisis virus infects Windows, Macs and virtual machines
- Nitol DDoS botnet discovered in China
- Not just a one-trick PonyDOS
- Now you Z-(eus) it, now you don’t: ZeuS bots silently upgraded to Citadel
- Nuevo botnet contra Mexico: Karn!v0r3x
- OSX/Crisis has been used as part of a targeted attack
- OSX/Flashback - The first malware to infect hundreds of thousands of Apple Mac
- Obama order sped up wave of cyberattacks against Iran
- Olmasco bootkit: next circle of TDL4 evolution (or not)
- One bot to rule them all
- Over 9 million PCs infected - ZeroAccess botnet uncovered
- P2P botnet Kelihos.B with 100.000 nodes sinkholed
- Panda Security uncovers bot-killing malware
- Panel Gendarmerie
- Panel Supern0va et virus gendarmerie
- Panel Virus Gendarmerie : Ratio 0.36%
- Part virus, part botnet, spreading fast: Ramnit moves past Facebook passwords
- Playing cops & robbers with banks & browsers
- PlugX: new tool for a not so new campaign
- Police Trojan crosses the Atlantic, now targets USA and Canada
- Ponmocup analysis
- Pramro and Sality - two PEs in a pod
- Proactive detection of security incidents II - Honeypots
- Proactive policy measures by Internet service providers against Botnets
- Probing the Gozi-Prinimalka campaign
- Quervar – Induc.C reincarnate
- QuickPost: Flame & Volatility
- Ramnit goes social
- Ransom.II - UGC payment for USA - Windows Genuine impersonation for DE
- Ransomware : Smile you're on camera - Reveton.C new landing pages
- Ransomware Casier - Sharing Design with Lyposit - Gaelic & Persian (
- Ransomware Fake Microsoft Security Essentials
- Ransomware and Silence Locker control panel
- Ransomware crimeware kits
- Ransomware gets professional, targeting Switzerland, Germany and Austria
- Ransomware « Trojan.Casier » Panel