Windows Crash Reports Reveal New APT, POS Attacks

Published: 22/11/2024   Category: security



Researchers discover zero-day attacks after studying the contents of various Dr. Watson error reports.



You never know what you'll glean from a Windows crash report. Security researchers recently unearthed a previously unknown advanced persistent threat (APT) campaign, as well as a new point-of-sale system attack, by perusing and analyzing those crash reports, also known as Dr. Watson.
Researchers at Websense -- who recently exposed weaknesses in Microsoft's Windows crash reports that could be abused by attackers or spies -- on Wednesday released free source code online for enterprises to use the crash reports to catch potential security breaches in their organizations. Next week at the RSA Conference in San Francisco, the researchers will release indicators of compromise for the two attack campaigns that can be incorporated into intrusion prevention systems.
Alex Watson, director of security research for Websense, says his team spotted a targeted attack waged against a mobile network provider and a government agency, both outside the US, as well as a Zeus-based attack aimed at the point-of-sale system of wholesale retailers. In both cases, the attacks have been suspended and the command-and-control infrastructures disrupted.
"We wanted to prove that we can detect zero-day or unknown [attacks] by a little information in crash reports," Watson says. So he and his team created crash fingerprints to filter and search for real-world attack intelligence in Dr. Watson reports.
Read the rest of this story on Dark Reading.
