[ale] Coming Soon to a Computer Near You!

DJ-Pfulio DJPfulio at jdpfu.com
Wed Feb 8 12:25:14 EST 2017


On 02/08/2017 11:08 AM, Charles Shapiro wrote:
> Latest fun Windows virus thing...
> 
> https://arstechnica.com/security/2017/02/a-rash-of-invisible-fileless-malware-is-infecting-banks-around-the-globe/


There are tools for virus injection that don't write a thing to a
disk. Smartphones and Linux are just as susceptible. The Linux desktops
aren't targets, that's the only difference.

Privilege escalation isn't hard on any platform these days.

Security conferences have presentations about this stuff and examples
using tools - many are on GitHub.  These are the things we know about.

Anything I can imagine is probably already happening. Beware anything
with a microphone. Beware anything with a network connection.  Be
especially aware of anything using RF like Bluetooth and Wi-Fi.

Plus there is an underground where people with access can sell that
access to provide thieves methods to also gain that access.  Read an
article where 5-figures was being paid to these insiders every week.

Did you notice that German banks aren't being hit so much?  I've read
that they require a personal cert be installed to access their website.
Wouldn't be surprised to learn that internally, they only use I2P
networking.

I can see a day when we need to drop known networking methods on our
LANs to aid in the fight against these issues.

If you aren't blocking general egress traffic from your LAN, perhaps it
is time to start, even at home.


