Evolution of the CookieBomb toolkit
An ongoing, large-scale injection campaign has been raging for the last 6 months. This campaign utilises a toolkit, dubbed CookieBomb (due to its signature use of cookies), which is fascinating not...
View ArticleClik here to view.
‘GWload’– The ‘Social Engineering’ Based Mass Injection Making Its Rounds
Websense® Security Labs™ ThreatSeeker® Intelligence Cloud has identified that a new mass injection campaign is making its rounds, compromising and injecting content into tens of thousands of legitimate...
View ArticleClik here to view.
Crimeware based Targeted Attacks: Citadel case, Part I
Targeted attacks are one of the hottest topics in the cyber security community today. Often when the term 'targeted attack' is used, a politically-motivated attack springs to mind, or what we like to...
View ArticleClik here to view.
Crimeware based Targeted Attacks: Citadel case, Part II
In this part II of our Citadel blog, we will take a closer look at how to better understand and detect this crimeware using basic techniques and tools. We will show how to identify the infection, and...
View ArticleClik here to view.
Crimeware based Targeted Attacks: Citadel case, Part III
In our previous blog (part 2 in this 3 part series), we outlined how Citadel infects a host machine, and we extracted some string references that we used to detect it via YARA. However, we have yet to...
View Article
