Analysis of Phishing Attacks Targeting Ukrainian Banks

Overview On August 17, 2017, the National Bank of Ukraine (NBU) warned financial institutions in the country about a potential cyberattack. The virus would exploit the CVE-2015-2545 vulnerability to cause remote code execution by sending emails with the code disguised as a Microsoft Word document. Subsequently, a cybersecurity institution found […]

Moyou Trojan Analysis

Overview On August 2, 2017, ANTIY discovered a new DDoS trojan and dubbed it Moyou. After obtaining the related sample, NSFOCUS conducted a detailed analysis of the trojan. Sample Analysis The following figure shows the detection result of NSFOCUS Threat Analysis Center (TAC). The sample obtains the C&C server address […]

GoldenEye & NoPetya Attack

Executive Overview Believed to be a modified version of the once successful Petya ransomware, NoPetya seems to be a variant to the GoldenEye ransomware family with source code structuring nearly identical after initial analysis. Unlike its predecessors WannaCry and Petya, GoldenEye incorporates multiple encryption points on its compromised systems. Not […]

Dahua Cameras Unauthorized Access Vulnerability Analysis & Solution

Overview Dahua Technology, a well-known security camera and digital video recorder (DVR) vendor in China, released firmware updates to address serious security vulnerabilities for several of their products. By exploiting this vulnerability an attacker can access the user database of a Dahua camera without needing administrative privileges and extract the […]