VPNFilter EXIF to C2 mechanism analysed

On May 23 2018, our colleagues from Cisco Talos published their excellent analysis of VPNFilter, an IoT / router malware which exhibits some worrying characteristics. Some of the things which…

Roaming Mantis dabbles in mining and phishing multilingually

In April 2018, Kaspersky Lab published a blogpost titled ‘Roaming Mantis uses DNS hijacking to infect Android smartphones’. Roaming Mantis uses Android malware which is designed to spread via DNS…

Water well owner training set for May 31 in Hamilton

Contact: Dr. Drew Gholson, 979-845-1461, dgholson@tamu.edu HAMILTON — A Texas Well Owner Network training offered by the Texas A&M AgriLife Extension Service has been scheduled for May 31 in Hamilton.…

OPC UA security analysis

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that…

The King is dead. Long live the King!

In late April 2018, a new zero-day vulnerability for Internet Explorer (IE) was found using our sandbox; more than two years since the last in the wild example (CVE-2016-0189). This…

SynAck targeted ransomware uses the Doppelgänging technique

The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to…

Texas A&M, PerkinElmer create leading public agriculture, life sciences genome platform

Writer: Kay Ledbetter, 806-677-5608, skledbetter@ag.tamu.edu Contact: Dr. Charlie Johnson, 979-862-3287, Charlie@ag.tamu.edu COLLEGE STATION – Texas A&M AgriLife Research and their internationally recognized Genomics and Bioinformatics Service are poised to change…

Republican Party rallies, as polling closes to almost even

Texas Insider Report: WASHINGTON, D.C. — Roughly 43% of Registered Voters say they would vote for the Republican contender in their Congressional District, while…

Feedyard greenhouse gas study analyzes emissions, mitigation factors

Writer: Kay Ledbetter, 806-677-5608, skledbetter@ag.tamu.edu Contact: Dr. Ken Casey, 806-677-5600, kdcasey@ag.tamu.edu AMARILLO – A week spent in a feedyard pen is helping researchers gain a better understanding of greenhouse gas…

Roaming Mantis uses DNS hijacking to infect Android smartphones

In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized…

Operation Parliament, who is doing what?

Summary: Kaspersky Lab has been tracking a series of attacks utilizing unknown malware since early 2017. The attacks appear to be geopolitically motivated and target high profile organizations. The objective…

Water well owner training April 24 in Stephenville

Contact: Dr. Drew Gholson, 979-845-1461, dgholson@tamu.edu STEPHENVILLE — A Texas Well Owner Network training has been scheduled for April 24 in Stephenville. The training, which is free and open to…

Your new friend, KLara

While doing threat research, teams need a lot of tools and systems to aid their hunting efforts – from systems storing Passive DNS data and automated malware classification to systems…

Threat Landscape for Industrial Automation Systems in H2 2017

For many years, Kaspersky Lab experts have been uncovering and researching cyberthreats that target a variety of information systems – those of commercial and government organizations, banks, telecoms operators, industrial…

Dinner Tonight Healthy Cooking School slated April 16 in Round Rock

Event will provide cooking demonstrations, food production discussion. Writer: Paul Schattenberg, 210-859-5752, paschattenberg@ag.tamu.edu Contact: Chelsea Stevens, 512-943-3300, castevens@ag.tamu.edu ROUND ROCK – The Texas A&M AgriLife Extension Service in…

East Austin Garden Fair set for April 14

Writer: Paul Schattenberg, 210-859-5752, paschattenberg@ag.tamu.edu Contact: Daphne Richards, 512-854-9600, drichards@ag.tamu.edu AUSTIN – The annual “East Austin Garden Fair: A Passion for Plants” will take place from 9 a.m. to 2…

Goodfellas, the Brazilian carding scene is after you

There are three ways of doing things in the malware business: the right way, the wrong way and the way Brazilians do it. From the early beginnings, using skimmers on…

Agricultural leasing workshop set April 19 in Archer City

Writer: Kay Ledbetter, 806-677-5608, skledbetter@ag.tamu.edu Contact: Tiffany Dowell Lashmet, 806-677-5668, tdowell@tamu.edu ARCHER CITY – A Rancher Leasing Workshop covering grazing, hunting and livestock leases will be presented by the Texas…

The Slingshot APT FAQ

While analysing an incident which involved a suspected keylogger, we identified a malicious library able to interact with a virtual file system, which is usually the sign of an advanced…

The devil’s in the Rich header

In our previous blog, we detailed our findings on the attack against the Pyeongchang 2018 Winter Olympics. For this investigation, our analysts were provided with administrative access to one of…