D-Link Accidentally Discloses Private Code-Signing Key on the Internet

Life has become much easier for malware creators now that a D-Link private code-signing key has been published by accident. D-Link is a Taiwan-based company that deals in networking equipment. It mistakenly revealed the private code-signing key inside the open source firmware packages it publishes. The issue was pointed out by Tweakers, a Dutch-language website, which made its users aware of it. The report came from a reader who had purchased the D-Link DCS-5020L security camera and downloaded the firmware from the manufacturer. The reader found not only private keys but also the passphrases needed to use them. This should not have happened; the code-signing certificate is present in the source code of one specific version.

One report says certificates were found from D-Link as well as from Starfield Technologies, KEEBOX Inc., and Alpha Networks. The other packages do not carry the folders that contain the signing certificates. A missed folder exclusion in this one package is how D-Link's private code-signing key was revealed to every user. The certificate was published on 27 February and expired on September 3, around six months later.
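A pre-publication check for the failure described above, where a signing folder ends up inside a source package. This is an added example, not code from D-Link or Tweakers; the file names, the keystore extension list and the passphrase pattern are assumptions, and the sample tree is constructed.

```python
import os
import re
import tempfile

# PEM armour for private keys (PKCS#1, PKCS#8, EC, encrypted, OpenSSH).
PEM_KEY = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")
# Container formats that normally bundle a certificate with its private key.
KEYSTORE_EXT = {".pfx", ".p12", ".pvk", ".jks", ".snk"}
# Assumed naming for a signing passphrase kept beside the key.
PASS_HINT = re.compile(rb"\b(?:pass(?:word|phrase)|pfx_?pass)\b\s*[=:]", re.I)

def scan_release_tree(root, max_bytes=1 << 20):
    """Return sorted (relative_path, reason) findings for a tree about to ship."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            if os.path.splitext(name)[1].lower() in KEYSTORE_EXT:
                findings.append((rel, "keystore-file"))
            with open(path, "rb") as fh:
                data = fh.read(max_bytes)
            if PEM_KEY.search(data):
                findings.append((rel, "pem-private-key"))
            if PASS_HINT.search(data):
                findings.append((rel, "passphrase-hint"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: a source tree where a signing folder was left in."""
    files = {
        "src/main.c": b"int main(void) { return 0; }\n",
        "signing/vendor.pfx": b"\x30\x82constructed-not-a-real-keystore",
        "signing/sign.bat": b"set PFX_PASS=PLACEHOLDER\n"
                            b"signtool sign /f vendor.pfx /p %PFX_PASS% app.exe\n",
        "signing/key.pem": b"-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n"
                           b"-----END RSA PRIVATE KEY-----\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)

def demo():
    """Scan the constructed tree; any finding should block the release."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return scan_release_tree(root)
```

Run against the unpacked archive that will actually be uploaded, not the working directory, so that exclusion rules applied at packaging time are what gets tested.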

Hackers Could Find The Way To Sign Malware

In testing, they were able to create a Windows application and sign it with one of the code-signing keys, the one associated with D-Link, which was still valid at that time. The other three code-signing keys were found not to be valid. Besides the private keys inside the source code, users also identified the passphrases needed to sign the related software. It is not yet clear whether the private keys have been used by malicious third parties. However, it is entirely possible that hackers accessed the keys to sign malware or other threats they created in order to attack targeted systems.

The issue was first found and confirmed by Yonathan Klijnsma of the Dutch security firm Fox-IT. After the issue came to light, D-Link took action, responded as expected and closed off this opening. The company then updated the firmware and released a new version with no code-signing keys inside.

Know About Bcachefs: A New File System for Linux

Bcachefs is one of the newest and fastest open source file systems; it was announced five years ago by an ex-Google engineer named Kent Overstreet. It is now generally available and is derived from bcache, the Linux kernel block layer cache. The main objective behind this advanced file system is to provide a faster way of storing files and data on a server. Bcachefs aims to offer performance and reliability similar to the EXT4 and XFS file systems while carrying the features of Btrfs and ZFS.

Bcachefs has now become well known and popular among Linux users because it is “more or less feature complete”, and it is stated that at this stage the testing and performance figures are impressive and satisfying. At the moment, features such as replication, compression and caching are supported. It also comes with the promise of snapshots in an upcoming release. In addition, documentation is available for anyone who wants to test drive the Bcachefs file system, so anyone can try it without hassle.

Regarding the availability of Bcachefs on Linux Kernel Mailing List,

Some Important Features That Bcachefs Supports

Bcachefs has been designed so that users get effective and enhanced features. Apart from the features of previous file systems, it also supports a few newer ones, listed below:

Checksumming: It lets users maintain data integrity on the system.

Compression: With this feature, files are saved in compressed format so that space is saved and you do not run short of storage.

Caching: This is one of the most important facilities provided by the Bcachefs file system for Linux. It gives users a quick response to their instructions.

Copy-on-Write (COW): This feature makes a single file available to everyone, so that it can be accessed by multiple parties at the same time.

Upcoming Features of Bcachefs File System

After testing by users, it was concluded that a few more features need to come with this file system. Here is what is coming next for Bcachefs:

  • Snapshots that will allow the OS to create backups of data.
  • Writeback Caching between tiers
  • Erasure Coding
  • SMR (Shingled Magnetic Recording) drives as well as raw flash

To try Bcachefs for yourself, you can find the code over here, but do not expect completed code; for that you will have to wait a little longer. You can also find more information about Bcachefs and its current limitations in its official announcement, available here.

Elise APT Malware from Operation Lotus Blossom: A Sponsored Campaign to Steal Asian Military Info

In this digital era, where everyone is connected to the Internet, Elise APT (Advanced Persistent Threat) malware infections can be seen spreading globally. Many security professionals have alerted military and government organizations to this new advanced persistent threat. It is a sponsored campaign, carried out by Operation Lotus Blossom, that targets the South Asian military. It has reportedly been seen in the Philippines, the South China Sea, Hong Kong, Indonesia and Vietnam.

What is Elise APT Malware?

This is a type of cyber attack from Lotus Blossom that is becoming known for stealing confidential information from servers and headquarters in Asian countries. What makes this type of threat different from other malware? It differs in how it is created and in the resources, money and time used to build and deploy it. Who it targets, and the knowledge and expertise required to design its custom pieces, also set these threats apart from common ones.

This cyber espionage campaign is purpose-built to attack South Asian countries and steal confidential data from their government and military organizations. While it mainly targets military and government institutions, it might also affect the private sector, à la Stuxnet and Duqu.

Methodological analysis on Working of APT Mystic Law of Hack :

According to researchers' analysis and feedback from various victims, this APT attacks its targets via spear-phishing emails with a malicious attachment. Generally the attachment is a personnel or military roster that seems to have been sent by a known individual or institution. It is relevant to the military or government organization, and is something the victim expects to see, which prompts them to open the email.

How Elise APT Malware Attacks

If the victim opens the tainted attachment in the email, the malware stealthily gets inside their system. Once the malware is installed, it opens a backdoor in the victim's computer system. It can then evade detection environments, establish a connection to its operating server and exfiltrate the victim's data.

This enables the attackers to operate remotely and conduct several additional attacks, including infiltrating connected networks, compromising new systems and delivering other malware for illegitimate purposes.

Dangerous Features of Elise APT Malware from Operation Lotus Blossom:

During our research we learned that it has inherited the features of a custom-built malware toolkit named Elise. This custom piece of malware includes some unique features, including the ability to:

  • Elude Detection from Sandbox
  • Exfiltrate Confidential and Sensitive Information
  • Establish Connection to its Command and Control Servers
  • Deliver Second-Stage Malware Payloads

Impacts of Cyber Threat from Operation Lotus Blossom ?

  • This APT malware is purpose-built to steal the victim's confidential and sensitive data.
  • It can make your system vulnerable and compromise your networks considerably.
  • After installation, Elise is also capable of infecting new computer systems.
  • Through this APT cyber espionage, second-stage malware variants can be delivered to your system.
  • What's worse, your data and your clients' data will be at high risk if you are infected with Elise APT malware.

Effective Research by AlienVault Labs : Results in Curative Help

How AlienVault Helps

AlienVault Labs carries out continuous, up-to-date research on these kinds of threats. They integrate large amounts of data from different sources and then create an expert intelligence report on the threat.

They recently researched Elise APT malware and have already published a correlation rule for the AlienVault USM platform and an IDS signature on their site and forum. With these, victims can detect activity related to the Elise threat.

If you are infected with this threat, the Unified Security Management platform can help by scanning your network. It performs a complete network scan to detect objects that could have been infected in the APT attack.

It makes it easy to identify and prioritize which ones need to be addressed first. It not only detects the vulnerabilities in your system but also identifies the vulnerability exploits that might be attempted by this new nation-state cyber threat.