Dridex, the latest descendent of the Bugat/Feodo/Cridex banking Trojan lineage has been a constant source of attacks using the malware since its release in July. To date, Dridex has centered on sending executable attachments via e-mail. That seems to have changed this week, as we’ve seen a tactical shift to sending those executable attachments via Microsoft Word documents loaded with macros that download and execute the malware.
Like its precursors, Dridex is a sophisticated Banking Trojan, similar to the infamous Zeus malware. Its core functionality is to steal credentials of online banking websites and allow a criminal to use those credentials to initiate transfers and steal funds. Dridex uses an XML-based configuration file to specify which websites it should target and other options for the malware. For instance, the configuration specifies which websites to capture form submissions from, and which to ignore with the following XML. …Continue reading
The effective date for CIP version 5 Standards is rapidly approaching and entities are beginning to implement new controls to meet the updated requirements.
Palo Alto Networks expert Del Rodillas, along with experts from EnergySec and ENMAX will discuss the new requirements and potential technical approaches to meeting compliance obligations.
Register now, and see full details below:
This week we participated in Security Leaders 2014 in Sao Paulo, Brazil, an annual gathering and exhibition to discuss information security and risk for enterprises, and featuring about 3,000 security professionals from the region. Check out some snaps from our time there below: