Support

Archive | Encryption

View all postings from the Encryption category in “Security to the Core,” the Arbor Networks Security Engineering and Response Team Blog.

Illuminating The Etumbot APT Backdoor

The Arbor Security Engineering Response Team (ASERT) has released a research paper concerning the Etumbot malware. Etumbot is a backdoor used in targeted attacks since at least March 2011. Indicators suggest that Etumbot is associated with the Numbered Panda group, also known as IXEHSE, DynCalc, and APT12.  Although previous research has covered related malware, little […]

Continue Reading

MP-DDoser: A rapidly improving DDoS threat

This blog post is the fifth installment in our ongoing series of articles surveying the crypto systems used by different DDoS-capable malware families. Today’s topic is MP-DDoser, also known as “IP-Killer” As far as we are aware, MP-DDoser was first documented in February 2012 by Arbor analyst Curt Wilson in his pioneering survey of modern […]

Continue Reading

A DDoS Family Affair: Dirt Jumper bot family continues to evolve

Previous blog entries and analysis by others in the security community have shined a light upon the Dirt Jumper DDoS bot. Dirt Jumper continues to evolve (version 5 appears to be the newest) and a variety of other associated bots packages have emerged over time to include Simple, September, Khan, Pandora, the Di BoTNet and […]

Continue Reading

Information Security and NFL Espionage

In late January 2007 several NFL-related web sites were hacked, to include www.dolphinsstadium.com and www.miamidolphins.com. Considering the Miami Dolphins stadium was about to host the NFL’s biggest game of the year, Superbowl XLI, this seemed a reasonable enough target. The sites were modified to serve malicious JavaScript code that would compromise victim’s computers, providing a […]

Continue Reading

WiFi, Encryption & Clue Density

I regularly use wireless networks at meetings, conferences, airports, hotels, workshops, coffee joints, friend’s homes (and mine) – as I suspect is the case with most folks these days. I often leave Dug’s passive listening toolkit running in the background (where network usage licensing/agreements implicitly permit, of course just to see what type of cruft […]

Continue Reading