Evolution of the CookieBomb toolkit
An ongoing, large-scale injection campaign has been raging for the last 6 months. This campaign utilises a toolkit, dubbed CookieBomb (due to its signature use of cookies), which is fascinating not...
‘GWload’ – The ‘Social Engineering’ Based Mass Injection Making Its Rounds
Websense® Security Labs™ ThreatSeeker® Intelligence Cloud has identified that a new mass injection campaign is making its rounds, compromising and injecting content into tens of thousands of legitimate...
Crimeware based Targeted Attacks: Citadel case, Part I
Targeted attacks are one of the hottest topics in the cyber security community today. Often when the term 'targeted attack' is used, a politically-motivated attack springs to mind, or what we like to...
Crimeware based Targeted Attacks: Citadel case, Part II
In this part II of our Citadel blog, we will take a closer look at how to better understand and detect this crimeware using basic techniques and tools. We will show how to identify the infection, and...
Crimeware based Targeted Attacks: Citadel case, Part III
In our previous blog (part 2 in this 3 part series), we outlined how Citadel infects a host machine, and we extracted some string references that we used to detect it via YARA. However, we have yet to...