by jeff | Oct 16, 2017 | Analysis, Blog, Jeff, Malware, Network, News
Well not really, but I’m going to write a series of posts that will all tie together, which can be a very useful tool for anyone interested in having a security home lab, or even in a new or established security operations centre. I am going to be using open...
by jeff | Jul 13, 2017 | Analysis, Blog, Jeff, Malware
I came across this write-up by boozallen yesterday, and found it had some very interesting thoughts and insight into how and what happened. Click to access telebots-group-and-petya.pdf 1. Four VirusTotal users uploaded the compiled VBS backdoors along with...
by jeff | Jul 5, 2017 | Analysis, Jeff, Malware, Network, News
http://blog.talosintelligence.com/2017/07/the-medoc-connection.html?m=1 Summary The Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and multinational corporations with operations in Ukraine. In cooperation with...
by jeff | Jul 4, 2017 | Analysis, Jeff, Malware, News
I came across an interesting article today, with regard to the Petya / NotPetya cyber attack from last week. This is a very good write-up and analysis of how the organisation M.E.Doc appears to have been compromised and used to spread the malware in a series of...
by jeff | Jun 28, 2017 | Analysis, Jeff, Malware, Network, News
http://colsec.blogspot.de/2017/06/petya-outbreak-june-27th.html My machine – Domain-joined Windows 10 Enterprise 64-bit running McAfee AV + Encrypted HDD. Fully patched with June’s updates and manually disabled/removed SMBv1. Hit at 12:40 UK time...