17

Cyber Attack Impersonating Identity of Indian Think Tank to Target Central Bureau of Investigation (CBI) and Possibly Indian Army Officials

In my previous blog posts I posted details of cyber attacks targeting Indian Ministry of External Affairs and Indian Navy’s Warship and Submarine Manufacturer. This blog post describes another attack campaign where attackers impersonated identity of Indian think tank IDSA (Institute for Defence Studies and Analyses) and sent out spear-phishing emails to target officials of […]

3

Aadhar:  Good, Bad And Ugly

Before I begin I would like to quote current Attorney General of India “The invasion of privacy is of no consequence because privacy is not a fundamental right and has no meaning under Article 21. The right to privacy is not a guaranteed under the constitution, because privacy is not a fundamental right.” Article 21 […]

4

Analysis of Shadow Brokers Release – Operation Center

We have always been curious to know about what goes on inside the state sponsored security agencies like NSA (National Security Agency). Since the agency is known to operate on multiple spying operations in the past for tracking criminals and terrorists, it might sometimes need the use of zero day exploits to get into targeted […]

5

Episode 3 – Shellcode Analysis with APITracker

Text: Audience Level: Beginner to Medium. Few months back we released our new tool APITacker. The idea behind the tool is more mature than the tool itself. Using APITracker we can hook APIs on large scale from DLLs to track the execution of the sample. APITracker is based on pydbg python debugger. Before we move […]

3

New Password Protected Macro Malware evades Sandbox and Infects the victims with Ursnif Malware !!

These days, Along with the unforeseen climatic conditions, several unpredictable malware campaigns are also occurring across the connected world. Mostly Offenders are relying on spam mails and the associated malicious Macros, to drop and infect the targeted victims with various other atrocious malware. Studies shows 95% of successful security attacks created by Human mistakes!! Security sensitive […]

2

10th Quarterly Meetup – 25th February 2017

In this meet, Jiggyasu Sharma presented on “Tracking Attacks Using Hospital Honeypots” , Abhishek Bhuyan presented on “Security Analytics using ELK stack” , Heeraj Nair presented on “XXE – XML External Entity Attack” , Monnappa K A presented on “Linux Malware Analysis” , Aswin M Guptha presented on “Introduction to Binary Exploitation” and Amit Malik presented on “ATM Malware: […]

8

10th Meetup – Linux Malware Analysis

In this meet,Monnappa K A delivered presentation on “Linux Malware Analysis” Demo 1 – Analysis of Linux malware Tsunami using Limon Sandbox  Demo 2a – Analysis of Linux Malware Mayhem using Limon: Demo 2b – Examining the malicious exit() function of Linux malware mayhem :