platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
First slide label
Some representative placeholder content for the first slide.
Second slide label
Some representative placeholder content for the second slide.
Third slide label
Some representative placeholder content for the third slide.
Inside A Malware Campaign
published on 2014-01-20 12:12:00 UTC by Trojan7Malware Content:
A while back I received some spam email with the theme of adding new friends of facebook. This is how I became aware of the campaign now known as the "Aqua VPN" campaign.
World renowned and internationally respected anti virus vendor MalwareBytes also blogged about this campaign here (thanks to @paperghost)
After gaining admin rights to the web panel I built a sjdb (silent java driveby) here is what I found.
Build options
More build options
Lets take a look at the available domains:
who.is of all those domains
(no need for aquavpn thats already well known)
osrsbot(.)net > http://who.is/whois/osrsbot.net
twitch (.)pw > http://who.is/whois/twitch.pw (trying to lure gamers thinking this is the real twitch url) << confirmed takedown by @vriesHd now this domain leads to a 502.
ucam(.)me > http://who.is/whois/ucam.me
videoreaper(.)com > http://who.is/whois/videoreaper.com
live-stream(.)us > http://who.is/whois/live-stream.us
teentalk(.)us > http://who.is/whois/teentalk.us
rapid-miner(.)net > http://who.is/whois/rapid-miner.net
what a surprise! all registered by namecheap
Now for a scan of the .jar
(virustotal was down but I have scanned this file on there before)
in the meantime this will do http://nodistribute.com/result/OCP1Mox9mV02p
Add-on Domains!
If you want you can spend a little extra money and ill be honest, one of these domains is very good for social engineering.