University of Manchester: “Targeted Cyber Attacks” Book Included as Part of Trust and Security in a Digital World Course

We drafted a “Targeted Cyber Attacks” book a few years ago covering the insightful details related to targeted cyber attacks occurring in the wild including associated threat landscape. The book received…

An independent review of the “Empirical Cloud Security” book has been published by the Elsevier Network Security (NESE) Journal in the August edition. Check the PDF here: https://www.sciencedirect.com/science/article/abs/pii/S1353485821000854

Some of the quotes from the review are presented below:

This is a book you will want to come back to regularly…

At BlackHat Europe Arenal 2020, I released the Strafer tool to detect potential ransomware/bot infections in the Elasticsearch instances deployed in the cloud environments.

Elasticsearch Threat Landscape

In security, we always say and strictly believe “Basics are the Hardest Part to Conquer”. That’s the true fact.

With recent challenges, the usage of video-conferencing technologies has increased exponentially. Zoom is being discussed a lot of these for the same.

With the advancements of new technologies and increasing usage…

Sparty was designed to conduct efficient security assessment of MS Sharepoint deployments. The tool has been used by security community which shows the acceptability and and highlighting that the tool is useful.

Sparty was presented at BlackHat 2013 and the presentation is available at: https://media.blackhat.com/us-13/Arsenal/us-13-Sood-Sparty-Slides.pdf

Report by Aditya K Sood and RB.

Note: We would like to thank MalwareMustDie for providing additional inputs regarding reverse engineering of binaries.

Media Coverage

New Gucci Botnet Capable of Launching Multiple Types of DDoS Attacks — https://securityintelligence.com/news/new-gucci-botnet-capable-of-launching-multiple-types-of-ddos-attacks/

New ‘Gucci’ IoT Botnet Targets Europe — https://www.securityweek.com/new-gucci-iot-botnet-targets-europe

Security Labs discovered a…

Cybercriminals deploy crimeware for conducting nefarious operations on the Internet. Crimeware is managed on a large scale through deployment of centralized portals known as Command and Control (C&C) panels. C&C panels are considered as attackers’ primary operating environment through which crimewave is controlled and updated at regular intervals of time. C&C panels also store information stolen from the compromised machines as a part of the data exfiltration activity. This empirical study highlights the analysis of thousands of real world C&C web Uniform Resource Locators (URLs) used for deployment of Crimeware such as botnets, key-loggers, ransomware, Point-of-Sales (PoS) malware, etc., to unearth the characteristics of HTTP-based C&C panels. This study gives a statistical view on design and technologies opted by the crimeware authors to deploy HTTP-based C&C panels.

Link : https://bsidessf2018.sched.com/speaker/aditya_k_sood.6kvngm0

Overview

During the conversation with the administrators about exposed AWS S3 buckets or traditional Directory Listing, the feedback often received is: “since the listed objects or files do not contain any sensitive information, the configuration of the buckets (or directories) is fine even if they are exposed.” This can be…