LRQA Nettitude Blog

With the recent TalkTalk hack just the latest in a long line of high-profile data breaches that have taken place in recent years, our security researchers monitor changes in the global cyber threat landscape on an ongoing basis. Today, we have released a report into the activity that our research team has observed from our Cyber Threat Intelligence (CTI) systems during September 2015.

File Name: cclub14.exe
File Size: 1081833 byte
Compile Time: 2015-06-17 08:36:37
Sections: 4
Hash MD5: 29cf881ca840424f2dba7c0952a94cfe
Hash SHA-1: 85461a14c12a2e3f3f0f1f10a8d68d73e4e891b4
Imphash : 7ee226ca53c7ca1c7999e440384c5b89

The efforts required for a successful cyber-attack do not match the efforts that are invested to build a successful business. It only takes one human error to reduce many years of hard work to dust. Verizon research suggests that in 60% of breach incidents, it only takes minutes for the attacker to be successful. In the many years that I have helped companies deal with their cyber-attacks, it has almost always been the case that a single person performed an undesirable action that in turn let the attackers onto their network.

Voice over IP (VoIP) infrastructure has become more susceptible to cyber attacks in recent years due to the proliferation of both its use and the tools that can be used for malicious purposes. During the first quarter of 2015, our security researchers have observed a large amount of VoIP attacks worldwide; however, the majority were against UK servers.

Protecting against cyber-attacks is proving to be a real challenge. A few years ago, defence in depth was the recommended methodology to successfully fight cyber-attacks. Despite the proliferation of defence in depth mechanisms, a large number of high profile cyber-attacks are still observed. It's no surprise to anyone that all sensible business owners and world leaders are seriously worried about the impact of successful cyber-attacks against their environment. According to a survey by Forrester’s Foresights Security Survey in 2013, 75% of 490 companies agreed that cyber threat intelligence was a priority.  The recent report “2015 Global Megatrends in Cybersecurity” sponsored by Raytheon suggest that most companies will deploy cyber threat intelligence over the next three years as a measure against cyber-attacks.

A look at recent malware techniques

Industrial Control Systems (ICS) are very important components of our critical infrastructure. Programmable logic controllers (PLC) are some of the well-known types of control system components. PLCs are computers used for automation of typically industrial electromechanical processes, such as the control of machinery on factory assembly lines, amusements rides, light fixtures, power stations, power distribution systems, power generation systems, and gas turbines, to name a few.

Panic Saturday is now over and the Boxing Day sales are just around the corner. It's now the time to watch out for malware. The festive season is generally one where most people are less vigilant because of the festive ambiance.  It is also the time where most people fail to identify malware coming their way. I am going to explain what happens when we get a malicious email; discuss the content of such emails and provide easy steps to follow to keep your shopping basket and wallet safe this festive season.

During the recent BSIDES conference (2014), which was hosted in Las Vegas, Kyle Adams presented on "Evading code emulation: Writing ridiculously obvious malware that bypasses AV":