by jeff | Oct 16, 2017 | Analysis, Blog, Jeff, Malware, Network, News
Well not really, but I’m going to write a series of posts that will all tie together, which can be a very useful tool for anyone interested in having a security home lab, or even in a new or established security operations centre. I am going to be using open...
by jeff | Jul 5, 2017 | Analysis, Jeff, Malware, Network, News
http://blog.talosintelligence.com/2017/07/the-medoc-connection.html?m=1 Summary: The Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and multinational corporations with operations in Ukraine. In cooperation with...
by jeff | Jun 28, 2017 | Analysis, Jeff, Malware, Network, News
http://colsec.blogspot.de/2017/06/petya-outbreak-june-27th.html My machine – Domain joined Windows 10 Enterprise 64bit running McAfee AV + Encrypted HDD. Fully patched with June’s updates and manually disabled/removed SMBv1. Hit at 12:40 UK time...
by jeff | May 17, 2017 | Analysis, Jeff, Malware, Network
It was just a matter of time until other organisations or individuals followed the path set by WannaCry last weekend. It seems there is another variant of ransomware doing the rounds which is exploiting the same loophole as WannaCry is, using port 445 to enumerate and...
by jeff | May 14, 2017 | Analysis, Jeff, Malware, Network, News
Finally here is my #WCry/#WanaCry Ransomware Technical Analysis @EndgameInc https://t.co/ef49EgyK4M pic.twitter.com/EMonFweVR0— Malware Unicorn (@malwareunicorn) 14 May 2017
by jeff | Apr 12, 2017 | Analysis, Malware, Network
hxxp://petroffpianostudio[.]com/ (This may now be cleaned up at the time of posting.) It looks like the aforementioned webpage is infected with a redirect to download suspect files. Traffic observed after the infection suggests that it will attempt to download...