Don’t be too hasty to link every Poison Ivy-based cyber attack to
China. The popular remote access tool (RAT), which
we recently detailed on this blog, is being used in a broad
campaign of attacks launched from the Middle East, too.

Today, our research team is publishing a report
on the Poison Ivy family of remote access tools (RATs) along with a
package of tools created to work as a balm of sorts — naturally, we’re
calling the package “Calamine.”
In an era of sophisticated…

The Practice of Network Security Monitoring
Everyone wants to know how to find intruders on their
networks. I learned one approach when I served in the Air Force
Computer Emergency Response Team (AFCERT) as a captain from 1998 to

The attackers behind the breach of the New York Times’ computer
network late last year appear to be mounting fresh assaults that
leverage new and improved versions of malware.
The new campaigns mark the first significant stirrings from the

Part II in a two-part series. Read Part I.
In Part I of this series, I described China Chopper’s easy-to-use
interface and advanced features — all the more remarkable considering
the Web shell’s tiny size: 73 bytes for the aspx…

Part I in a two-part series.
China Chopper: The Little Malware That Could
China Chopper is a slick little web shell that does not get enough
exposure and credit for its stealth. Other than a good
blog post from security researcher Keith T…