Monday, September 30, 2013

Patch to Nmap: adding APT1 malware fingerprints

Mandiant released fingerprints of SSL certificates used by APT1 malware. It's valuable threat intelligence data, so I thought it was worth adding to Nmap.

With this simple patch, Nmap gained the capability to warn you when it finds an HTTPS server that supposedly belongs to APT1's attack infrastructure. Simply run:
 $ nmap -n -P0 -p 443 --script ssl-known-key <YOUR-NETWORK-IP-RANGE>
to discover signs of APT1 in your network.
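
What such a check boils down to, as an added example (not the patch itself and not Nmap's code): hash the server certificate's DER encoding and look the result up in a list of known-bad fingerprints. SHA-1, the `fingerprint,label` list format, the function names and the sample data are all assumptions constructed for illustration.

```python
import hashlib
import re
import ssl

def normalize(fp):
    """Accept 'AA:BB:..', 'aa bb ..' or plain hex; return 40 lowercase hex chars."""
    hexed = re.sub(r"[^0-9a-fA-F]", "", fp).lower()
    if len(hexed) != 40:
        raise ValueError(f"not a SHA-1 fingerprint: {fp!r}")
    return hexed

def load_fingerprints(text):
    """Parse 'fingerprint,label' lines (assumed format); '#' starts a comment."""
    db = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            fp, label = line.split(",", 1)
            db[normalize(fp)] = label.strip()
    return db

def cert_fingerprint(pem):
    """SHA-1 over the certificate's DER bytes, the value a fingerprint list stores."""
    return hashlib.sha1(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()

def match_known_key(pem, db):
    """Return the label of a matching list entry, or None if the cert is not listed."""
    return db.get(cert_fingerprint(pem))

def fetch_pem(host, port=443):
    """Fetch a live server's certificate. No CA validation is done by default,
    which is what we want here: self-signed certificates must be retrievable too."""
    return ssl.get_server_certificate((host, port))

# Constructed sample data: arbitrary bytes stand in for real DER certificates.
FLAGGED_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in for a flagged DER certificate")
CLEAN_PEM = ssl.DER_cert_to_PEM_cert(b"constructed stand-in for an unrelated DER certificate")
_fp = cert_fingerprint(FLAGGED_PEM).upper()
SAMPLE_DB = load_fingerprints(
    "# fingerprint,label (constructed list)\n"
    + ":".join(_fp[i:i + 2] for i in range(0, 40, 2)) + ", sample-flagged-cert\n"
)

if __name__ == "__main__":
    for name, pem in (("flagged", FLAGGED_PEM), ("clean", CLEAN_PEM)):
        print(name, cert_fingerprint(pem), match_known_key(pem, SAMPLE_DB) or "no match")
```

To check a host in your own network, pass the result of `fetch_pem(host)` to `match_known_key` together with a database loaded from your own fingerprint list.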

Wednesday, September 25, 2013

Threat update #9

(in Polish)

Finally, something about APT (Advanced Persistent Threat) on the Polish internet:

- New forms of virtual warfare

- APT cyberattacks as a new front of war

- Government institutions and companies fall victim to APT attacks

- Risk assessment as a remedy for APT cyberattacks

All of this is thanks to a report by Deloitte titled Cyber Espionage: The harsh reality of advanced security threats.

For those not yet convinced of the need to address the risk associated with APT, I refer you here: top five threats to global businesses.

Thursday, September 12, 2013

Some photos from this year's hiking in the Dolomites.