Saturday, December 12, 2015

DarkBot detection using Canada Cyber security servers.

One of our security servers at a client has detected some IOCs that look like DarkBot.
When we looked at the pcap files, we did see why. Below are some rules that the Canada Cyber sensor has triggered.

For more information: 
https://www.us-cert.gov/ncas/alerts/TA15-337A
http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Worm%3AWin32/Dorkbot#tab=2


This first screen is the first request via DNS to wipmania.com, something that is normal for DarkBot.

The next screen is the HTTP request to the same domain.
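
One way to hunt for the same pattern (a DNS lookup for wipmania.com followed by an HTTP request to that domain from the same client) in your own logs. This is an added example, not code or rules from the Canada Cyber sensor; the log format, the 60-second window and the sample lines are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

WATCHED = "wipmania.com"         # domain named in the post
WINDOW = timedelta(seconds=60)   # assumed: HTTP must follow DNS within this

# Constructed sample events (hypothetical format): time, client, type, name
SAMPLE_LOG = """\
2015-12-12T10:00:01 192.0.2.10 DNS wipmania.com
2015-12-12T10:00:02 192.0.2.10 HTTP wipmania.com
2015-12-12T10:00:05 192.0.2.11 DNS notwipmania.com
2015-12-12T10:00:06 192.0.2.11 HTTP notwipmania.com
2015-12-12T10:01:00 192.0.2.12 DNS WWW.wipmania.com.
2015-12-12T10:06:00 192.0.2.13 HTTP wipmania.com.example.net
2015-12-12T10:07:00 192.0.2.14 HTTP wipmania.com
malformed line
"""

def is_watched(name, watched=WATCHED):
    """True for the watched domain or a subdomain of it, not lookalikes."""
    name = name.lower().rstrip(".")
    return name == watched or name.endswith("." + watched)

def parse(log):
    """Yield (time, client, kind, name) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        yield ts, parts[1], parts[2].upper(), parts[3]

def correlate(log, window=WINDOW):
    """Map client -> True if a watched DNS lookup was followed by a watched
    HTTP request within `window`, False if only isolated hits were seen."""
    last_dns, hits = {}, {}
    for ts, client, kind, name in sorted(parse(log)):
        if not is_watched(name):
            continue
        hits.setdefault(client, False)
        if kind == "DNS":
            last_dns[client] = ts
        elif kind == "HTTP" and client in last_dns and ts - last_dns[client] <= window:
            hits[client] = True
    return hits

if __name__ == "__main__":
    for client, matched in sorted(correlate(SAMPLE_LOG).items()):
        print(client, "DNS then HTTP" if matched else "isolated hit")
```

Clients mapped to True show the DNS-then-HTTP sequence from the screens above; clients mapped to False touched the domain only once and are lower-priority leads.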


Tuesday, December 8, 2015

We have updated our site

We decided to get a new facelift for our website. What do you think?

Some of the new things:
1. Always redirect to https.
2. Very small footprint, under 1 megabyte.
3. Should work on any screen.
4. No executable. Good luck trying to hack this l33t ;-)




Our site screen from before: