-
Malware attack on both Windows and Android
On the 7th of May, 2015 we observed a new malicious e-mail campaign, which used the logo and the name of Polish Post Office (”Poczta Polska”). The e-mail supposedly informed about an undelivered package – however, they also included a link which, after several redirects, lead to the download of a …
Read more -
SECURE 2015 – Call for Speakers
Call for Speakers for SECURE 2015 is now open. If you have an interesting topic and would like to share your ideas with a crowd of Polish and international IT security specialists, and/or are looking for a good reason to visit Warsaw, Poland, please consider submitting your proposal. You …
Read more -
DGA botnet domains: malicious usage of pseudo random domains
In the previous entry we showed examples of domains, which could be easily missclassified as DGA botnet domains. Most of them are machine generated and used in a non-malicious manner. In this entry, conversely, we will present examples of pseudo random domains, which could be used in attacks or be …
Read more -
28 April 2015 CERT Polska
Polish Team Wins 3rd Place in NATO Locked Shields Exercise
Polish team won third place in NATO Cyber Defence Exercise Locked Shields 2015. The Polish team included members from CERT Polska team. The winners this year was NATO CIRC team, and Estonian team took second place. The theme of the exercise is defending a simulated network of a fictious country …
Read more -
DGA botnet domains: on false alarms in detection
Domain Generation Algorithms are often used in botnets to create specially crafted domain names which point to C&C servers. The main purpose of this is to make it more difficult to block connections to these servers (for example with domain blacklists) or to protect the C&C channel (and …
Read more -
Another year, another wave of home router hacks
While researching incidents that are reported to us, we encountered a new campaign of attacks against Internet banking, this time utilizing hacked home routers. This is a variant of a method we have first observed more than a year ago. The criminals take over control of a home router and …
Read more -
ENISA publishes report on actionable information
A new report prepared by CERT Polska was published by ENISA (European Network and Information Security Agency) today: “Actionable Information for Security Incident Response”. This publication is aimed at members of the incident response teams and everyone that collects, analyzes and shares security-related information. Exchange of information can be an …
Read more -
iBanking is back in Poland
iBanking malware was already described on our blog in connection with the attacks targeting Polish e-banking users at the end of 2013. This malware posed as a mobile antivirus application, while in reality it was use to steal one time passwords that were sent via text message. The attack scenario …
Read more -
31 December 2014 CERT Polska
CyberROAD – Invitation to participate in the project survey
CERT Polska along with 19 other partners from 11 countries have joined forces for CyberROAD – a 7FP project aimed to identify current and future issues in the fight against cyber-crime and cyber-terrorism in order to draw a strategic roadmap for cyber security research. A detailed snapshot of the technological, social …
Read more -
29 December 2014 CERT Polska
Server-side n6 code released as open-source
oday we released an important part of the n6 platform on an open source licence (GPL). The released library implements the REST API provided by the new version of n6 and it comes with mechanisms that facilitate fetching information from databases of any type. We hope that the project will …
Read more