-
Estimating size of the botnets in Poland
Annual CERT Polska report will soon be available on our website for download. This year we decided not only to include statistical data (which will be moved to a separate section), but also describe trends and events that were important according to us and were observed in the last year …
Read more -
Testing Heartbleed from the client-side perspective
In the last week or so infosec headlines were dominated by reports in the OpenSSL vulnerability (CVE-2014-0160). We blogged on what the situation looked like in regard to Polish services and address space (and TOR as well). It is worth noting however that the OpenSSL library is used not only …
Read more -
11 April 2014 CERT Polska
Heartbleed in TOR (and in Poland)
In the last few days the most popular vulnerability seems to be CVE-2014-0160. This two years old vulnerability was in OpenSSL library, versions 1.0.1a-f, and allows to read a part of the memory of the process. The use of this library is very prevalent not only in the …
Read more -
07 April 2014 CERT Polska
Honeynet Project Workshop CrackMe Solution
We have announced a CrackMe challenge, which allowed you to win a free pass for the Honeynet Workshop 2014 in Warsaw. Today, we closed the challenge, because the winners have already submitted 10 flags. The winners are Dariusz Tytko (from Poland) and @_zairon_, who also posted his solution to our …
Read more -
SECURE 2014 Call for Speakers is Now Open
SECURE 2014 is a conference dedicated entirely to IT security and addressed to administrators, security team members and practitioners in this field. SECURE’s unique feature is the organisers’ commitment to providing participants with reliable information about everything that is current and meaningful in IT security. A high professional level …
Read more -
02 April 2014 CERT Polska
Win a Honeynet Workshop pass! (UPDATE)
Do you want to attend the Honeynet Workshop Conference in Warsaw? If you solve our CrackMe and you will be the first one to do, you can win a free conference pass. The task is to find “flags” – strings connected to the file that we made specifically for this competition …
Read more -
CERT Polska takes part in a new international project
ERT Polska together with NASK Software Development Division joined a new international project to create system named ILLBuster, aimed at detecting illegal content in computer networks. he project is run by international consortium consisting of Università de Cagliari, Università degli Studi di Milano-Bicocca, University of Georgia, Guardia di Finanza, Polizia …
Read more -
Large-scale DNS redirection on home routers for financial theft
In late 2013 CERT Polska received confirmed reports about modifications in e-banking websites observed on… iPhones. Users were presented with messages about alleged changes in account numbers that required confirmation with mTANs. This behavior would suggest that some Zeus-like trojan had been ported to iOS. As this would be the …
Read more -
New .NET banking malware (VBKlip): no network usage, no registry entries and no AV detection
We recently blogged about a new strain of malware called VBKlip. This malware was aimed at Polish online banking users. In the last few days a new, revised version of this malware has resurfaced. This new version is written in .NET and has a few new ideas which seem to …
Read more -
OTP stealer Android app masquerading as mobile antivirus targets Polish users
The E-Security mobile malware appeared at the beginning of this year. This malware was targeting Polish online banking users, with the goal of stealing One Time Passwords (OTPs) used to confirm banking transactions. The attack was part of a bigger scheme. When the user computer was infected, it displayed an …
Read more