Kudelski Security is launching a new crypto challenge for Black Hat. It starts today and ends on July 25th at our private party in Las Vegas. The challenge and instructions are available at https://github.com/kudelskisecurity/cryptochallenge17. In short, here's how it works: We give you the code of a service running on some remote host. As you'll find out, … Continue reading Crypto challenge, 10 Ether of prizes
NEW UPDATE: ‘Petya/NotPetya’ Ransomware Spreading Rapidly Around Europe and Globe
UPDATE 6/30: Microsoft Windows 10 Enterprise includes a feature called “Credential Guard”. This feature can prevent certain attacker tools from compromising administrative credentials using well known techniques such as a Pass the Hash attack. Having this feature enabled would have prevented NotPeya from harvesting local credentials to spread within a local network (one of the … Continue reading NEW UPDATE: ‘Petya/NotPetya’ Ransomware Spreading Rapidly Around Europe and Globe
Distributed Fingerprinting with Scannerl
Kudelski Security is proud to announce the open-source release of Scannerl, its distributed fingerprinting tool. Scannerl Scannerl is a modular, distributed fingerprinting engine implemented in Erlang. It is to fingerprinting what zmap is to port scanning. This tool enables easily distributed fingerprinting among a large number of hosts and circumvents limitations of scale and speed, which are the principle challenges of today’s fingerprinting … Continue reading Distributed Fingerprinting with Scannerl
The Equation Group’s post-exploitation tools (DanderSpritz and more) Part 1
Since the April 14th leak of the Equation Group’s hacking tools, I have been busy testing (and decompiling / reversing) the tools, understanding and documenting capabilities, and identifying potential indicators of compromise (IOCs). My goal is to build documentation and IOCs that we at Kudelski Security (and other organizations) could leverage to identify these tools, … Continue reading The Equation Group’s post-exploitation tools (DanderSpritz and more) Part 1
WannaCry Ransomware Webcast
The number of individuals, organizations and countries affected by the WannaCry malware attack is growing at an alarming rate. After the initial infection is executed, no user intervention at all is required for the malware to spread. As this is one of the largest cybersecurity attacks in history, it's important that you have all the facts. … Continue reading WannaCry Ransomware Webcast
Security Advisory: WCry2 Ransomware Outbreak
wCry2 Ransomware spreading via EternalBlue (MS17-010) Update May 13 Data was coming in very quickly on Friday and while we worked to provide timely and reasonable information we know now more about what happened and how the Wana Decrypt0r 2.0 ransomware outbreak managed to escalate so quickly. First some good news: The malware, once executed … Continue reading Security Advisory: WCry2 Ransomware Outbreak
SANS Holiday Hack Challenge 2016
During my holiday I tackled the SANS HolidayHack challenge 2016. It was a lot of fun and a useful way of keeping my skills up to date. The goal of the challenge was to answer some questions and play a little game with a lot of quests made up of computer science challenges. I will publish just a condensed section … Continue reading SANS Holiday Hack Challenge 2016
