News

  • 15 December 2014 CERT Polska #Banatrix #malware

    Banatrix – an in-depth look

    Of all of the Polish malware families that we have seen last year, Banatrix seems to be the most technologically advanced one. This malware was used to replace the bank account number in the browser memory; however, its implementation allowed an attacker to execute any arbitrary code on the victim …

  • 03 December 2014 CERT Polska #malware #trojan

    Merry Christmas from the Bailiff Office

    In the last two weeks, the CERT team received multiple reports describing suspicious e-mail messages supposedly coming from the Warszawa Wola (a Warsaw district) Bailiff Office. The message contents do not describe the alleged debt in detail, thus encouraging the recipient of the message to click on the link described …

  • 28 October 2014 CERT Polska

    Solution for the ECSM HackMe challenge

    In participation with the ECSM initiative, we announced a HackMe challenge. This challenge proved not to be too difficult for our readers, and the five fastest Polish winners are: Mateusz Rek, albercik, Michał Celiński-Mysław, Piotr Kaźmierczak, Łukasz Odzioba. Congratulations! Below is the solution for the challenge. While they are …

  • 17 October 2014 CERT Polska #SECURE

    SECURE 2014 CTF – writeups and winners

    We already have the winners of SECURE2014-CTF. The fastest person sent a full set of flags in less than three hours! The competition attracted a lot of interest. The CTF server handled over 200,000 queries (including 1200 attack attempts on the poor index.php). The tasks …

  • 15 October 2014 CERT Polska #SECURE #secure 2014

    SECURE 2014 – CTF

    Have fun with our SECURE-2014/CTF! You can win a free pass for the SECURE 2014 conference and amazing packs full of gadgets! If you don’t know what’s the deal with all the flags, you can read more at ctftime.org or in the DragonSector presentation at Confidence. Tasks …

  • 13 October 2014 CERT Polska

    ECSM HackMe challenge

    October is the month designated by the European Commission and ENISA as European Cyber Security Month. NASK and CERT Polska are among the partners in this endeavor. The third week of October is dedicated to students and application security. For this reason we have prepared a HackMe challenge that …

  • VBKlip 2.0: no clipboard, but Matrix-like effects

    In the last few weeks we received information about a new kind of malware, similar to the VBKlip malware family. However, while reading these incident reports we got a bit of a science-fiction feeling. Users described that they went to the e-banking site and they tried to perform a wire …

  • 11 August 2014 CERT Polska #android #malware

    Android RAT malware spreading via torrents

    In the last few days we observed a number of new attacks targeting Polish Android users. Many Polish and foreign blogs reported phishing e-mails using the Kaspersky brand to convince users to install an apk file. Below some details of this attack, including the malware analysis, are provided. Thanks …

  • 04 July 2014 CERT Polska #malware

    AutoIt scripts are the new black for malware startups

    The use of AutoIt scripts is becoming more and more fashionable for malware obfuscators, cryptors and the like, especially among the not-so-sophisticated malicious software. Recently we described the phishing attack targeted at Polish users using Booking.com and Allegro.pl. This attack used an AutoIt script (called RazorCrypt) in one of its stages in order …

  • 30 June 2014 CERT Polska

    We see scanning for vulnerable BMC modules

    Since Dan Farmer published his latest article on BMC vulnerabilities, the ARAKIS system has recorded an increased rate of UDP port 623 scans, coming from China, the USA, Iceland, Romania and the Netherlands. The revealed vulnerabilities make it possible to gain control of the servers’ online management modules, which control power and gather status information from the …
