Finding Neutrino

In August 2018, PT Network Attack Discovery and our honeypots began to record mass scans of phpMyAdmin systems. Scans were accompanied by bruteforcing of 159 various web shells with the command die(md5(Ch3ck1ng)). This information became the starting point of our investigation. Step by step, we have uncovered the whole chain of events and ultimately discovered a large malware campaign ongoing since 2013. Here we will … Continue reading Finding Neutrino

IronPython, darkly: how we uncovered an attack on government entities in Europe

Hunting for new and dangerous cyberthreats is the job of the Positive Technologies Expert Security Center (PT ESC). In early April 2019, PT ESC analysts detected a targeted attack on the Croatian government. In this article, we will outline what makes this threat so interesting: delivery chain, indicators of compromise, and use of a new post-exploitation framework that to our knowledge has not previously been … Continue reading IronPython, darkly: how we uncovered an attack on government entities in Europe

Four ways to phish: how to avoid falling for scammers’ bait

Phishing is one of the main cybersecurity threats targeting Internet users. Today we will describe how these attacks work and how not to become a victim. Emails from trusted companies Attackers often target customers of a particular company. They impersonate that company and reach out to its customers, asking them to click a link to a fake website, where they are tricked into entering their … Continue reading Four ways to phish: how to avoid falling for scammers’ bait

Protecting Money On The Internet. Five Tips To Secure Your Online Transactions

Image credit: Unsplash According to Positive Technologies research data, security of financial applications keeps growing. Banks make serious investments into improving security of their products. In the end hackers find it easier not to attack the banks, but rather go after bank clients and people shopping online. Here are some useful tips from Positive Technologies experts to help you protect your money online. Make transactions … Continue reading Protecting Money On The Internet. Five Tips To Secure Your Online Transactions

A Positive Technologies Expert Helped to Protect ABB Digital Substations from Cyberattacks

Image credit: ABB      ABB, a Switzerland-based company that produces software for control systems in the energy industry, has acknowledged that its PCM600 suffers from four vulnerabilities related to insecure password storage. The one who detected and reported them to the vendor was Ilya Karpov, an ICS security expert from Positive Technologies. As noted in the ICS-CERT advisory, the ABB engineer software for industrial automation … Continue reading A Positive Technologies Expert Helped to Protect ABB Digital Substations from Cyberattacks