Advanced Persistent Threat

Searching for Hashes of Malicious Files (APT - Aurora)

Monday, February 15th, 2010

A couple weeks ago I posted a blog article with some sample file hashes and domain names associated with the recent Google hacks (think APT or Aurora). More information on those file hashes can be found here.
Since then I’ve had quite a few people ask me, if you have a system that you suspect might [...]

20 Critical Controls, “Aurora”, APT, and the Google Hack

Thursday, February 4th, 2010

Obviously there has been a lot of discussion in the news, on blog posts, even tweets, on the issue of the Aurora attacks and what they mean. This is certainly not a new threat. Evidence of this threat can be seen back to at least 2008 if not earlier (if you consider Titan Rain or [...]

Aurora Malware Hashes and Domains

Tuesday, February 2nd, 2010

McAfee has recently released specific details about their analysis of the Aurora malware that was used to compromise 30+ companies over the past few months. This malware is consistent with the types of files that Enclave and other organizations who have responded to APT-based attacks have discovered. It appears to utilize many of the [...]