
CHANGE HISTORY FOR THE WEB BROWSER VERSION

New  Change  Fix  Update  Removal

VERSION 3.0.0.Alfa (31.5.2020)

MAIN PAGE

New

New

Blacklist - New, reworked section containing blacklists of websites, certificates, addresses, etc.

New

Czech Press - Split into individual years 2020  2019  2018  2017

Change

Change

Win10 Update History - Moved to a more suitable part of the website.

Change

English Articles and English List - Merged into the menu English Articles/List

Change

Czech Press - Added a main menu for switching between articles.

Update

Update

Malware List - A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  0-1 - Update

Update

RAT malware

ROKRAT

A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed this actor is quick to cover their tracks and very quickly cleaned up their compromised hosts. We believe the compromised infrastructure was live for a mere matter of hours during any campaign

DARKKOMET

DarkKomet is a freeware remote access trojan that was released by an independent software developer. It provides the same functionality you would expect from a remote access tool: keylogging, webcam access, microphone access, remote desktop, URL download, program execution, etc.

ExileRAT

Cisco Talos recently observed a malware campaign delivering a malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile. The document used in the attack was a PPSX file, a file format used to deliver a non-editable slideshow derived from a Microsoft PowerPoint document

NavRAT

Talos has discovered a new malicious Hangul Word Processor (HWP) document targeting Korean users. If a malicious document is opened, a remote access trojan that we're calling "NavRAT" is downloaded, which can perform various actions on the victim machine, including command execution, and has keylogging capabilities.

Loda RAT

Over the past several months, Cisco Talos has observed a malware campaign that utilizes websites hosting a new version of Loda, a remote access trojan (RAT) written in AutoIT.

ObliqueRAT

This RAT is dropped to a victim's endpoint using malicious Microsoft Office Documents (maldocs). The maldocs aim to achieve persistence for the second-stage implant that contains a variety of RAT capabilities, which we're calling "ObliqueRAT." In this post, we illustrate the core technical capabilities of the maldocs and the RAT components including.

RevengeRAT

RevengeRAT is a publicly available Remote Access Trojan released during 2016 on the Dev Point hacking forum and it is known to be capable of opening remote shells, allow the attacker to manage system files, processes, and services, edit the Windows Registry, track the victim's IP address, edit the hosts file, log keystrokes, dump users passwords, and access the webcam, among many others.

Orcus RAT

Orcus has been advertised as a Remote Administration Tool (RAT) since early 2016. It has all the features that would be expected from a RAT and probably more. The long list of the commands is documented on their website. But what separates Orcus from the others is its capability to load custom plugins developed by users, as well as plugins that are readily available from the Orcus repository. In addition to that, users can also execute C# and VB.net code on the remote machine in real-time.

RAT Ratatouille

A remote access Trojan named Parallax is being widely distributed through malicious spam campaigns that when installed allow attackers to gain full control over an infected system.

PoetRAT

Cisco Talos has discovered a new malware campaign based on a previously unknown family we're calling "PoetRAT." At this time, we do not believe this attack is associated with an already known threat actor. Our research shows the malware was distributed using URLs that mimic some Azerbaijan government domains, thus we believe the adversaries in this case want to target citizens of the country Azerbaijan, including private companies in the SCADA sector like wind turbine systems.

CannibalRAT

Talos has identified two different versions of a RAT, otherwise known as a remote access trojan, that has been written entirely in Python and is wrapped into a standalone executable. The RAT is impacting users of a Brazilian public sector management school.

JhoneRAT

"JhoneRAT." This new RAT is dropped to the victims via malicious Microsoft Office documents. The dropper, along with the Python RAT, attempts to gather information on the victim's machine and then uses multiple cloud services: Google Drive, Twitter, ImgBB and Google Forms.

Parallax RAT

During our open-source investigation, we came across a sample aptly named "new infected CORONAVIRUS sky 03.02.2020.pif." This file was likely delivered as an attachment to an email in some sort of compressed archive. Upon execution, the RAT is installed and persistence is achieved by creating links in the user's startup folder, as well as the creation of several scheduled tasks, and establishing command and control communications with a dynamic DNS provider domain, which is fairly common with RAT distribution.

Agent Tesla

A .NET based keylogger and RAT readily available to actors. Logs keystrokes and the host's clipboard and beacons this information back to the C2.

njRAT

njRAT, also known as Bladabindi, is a Remote Access Trojan or Trojan which allows the holder of the program to control the end user's computer. It was first found in June 2013 with some variants traced to November 2012. It was made by a hacking organization from different countries called Sparclyheason and was often used against targets in the Middle East. It can be spread through phishing and infected drives.  It is rated "severe" by the Microsoft Malware Protection Center.

Nanocore RAT

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Gh0st RAT

Gh0st RAT is a Trojan horse for the Windows platform that the operators of GhostNet used to hack into many sensitive computer networks. It is a cyber spying computer program. The "Rat" part of the name refers to the software's ability to operate as a "Remote Administration Tool". The GhostNet system disseminates malware to selected recipients via computer code attached to stolen emails and addresses, thereby expanding the network by allowing more computers to be infected.

Cerberus

The Cerberus banking Trojan that appeared on the threat landscape end of June 2019 has taken over from the infamous Anubis Trojan as major rented banking malware. While offering a feature-set that enables successful exfiltration of personally identifiable information (PII) from infected devices, Cerberus was still lacking features that could help lowering the detection barrier during the abuse of stolen information and fraud

Gustuff

The Gustuff banking Trojan, first spotted in 2016, went through quite a long journey of enhancements since its appearance on the threat landscape. Although originally built based on the infamous Marcher malware, it went through a major refactoring, introducing considerable changes in its architecture and feature set.

Hydra

Having its roots as a “dropper services” as described in our BianLian blog, Hydra went a long way from using outdated overlay attack techniques, to a fully capable banking malware. Although still having such capability, starting from February 2019, Hydra is no longer used as dropper but as a functional and stand-alone banking Trojan.

Ginp

Ginp appeared on the threat landscape in the second half of 2019 as a simple SMS stealer, completely written from scratch. It is not unusual to see actors attempt to create new malware now and then, but in this particular case the malware started to evolve rapidly, going through frequent development cycles.

Anubis

Although no longer officially supported since the conviction of its author, Anubis is still a common choice of criminals when it comes to Android banking malware. Since both client and server source code are publicly accessible for free, this does not come as a surprise. Some of the new users even made changes to it, fixing the bugs and gradually improving some aspects of the Trojan to sell or rent it in underground forums.

Update

Anti-Ramson Tool  - JavaLocker  KokoKrypt  Syrk

Update

GDHB - Update

Fix

Fix

Techblog CZ Press - Code fixed in all sections.

Learning Press

Introduction to Computer Science

Fix

Metadata - 404 Error

Operating Systems

Fix

Command Line - 404 Error

Programming

Fix

C# - 404 Error

Administration

Fix

Command Line - 404 Error

Fix

LDAP directory servers for managing user - 404 Error

Fix

SAP ERP - 404 Error

Security

Fix

Electronic signature and encryption - 404 Error

Fix

Smart cards and USB tokens - 404 Error

Fix

Intrusion detection and prevention systems - 404 Error

Fix

Using the SSL protocol to build VPNs - 404 Error

Fix

DNSSEC and secure DNS - 404 Error

Fix

IPv6 Security - 404 Error

Fix

Penetration tests in security analysis - 404 Error

Fix

Intrusion prevention systems - 404 Error

Management

Fix

Linking ITIL processes - 404 Error

Fix

IMPLEMENTATION OF THE ITIL PROCESS METHODOLOGY - 404 Error

Fix

Process management - 404 Error

Fix

Project management - 404 Error

Fix

Framework for Improving Critical Infrastructure Cybersecurity 2.0 - 404 Error

Technology

Fix

OLAP Database - 404 Error

Fix

Machine learning - 404 Error

Fix

Data warehouse - 404 Error

Fix

DESIGN OF SERVER VIRTUALIZATION AND CONSOLIDATION - 404 Error


VERSION 3.0.0.Beta (28.4.2020)

MAIN PAGE

New

The main page layout was completely reworked and extended, and new sections were added.

New

Threats -

New

SOC Security Operation Center

New

Congress Papers - Contains presentations from individual conferences.

Change

ZeroDay - Moved to the Threats section

Change

English Press List

Change

English Articles

Fix

Introduction H - Incorrect link to the frame.

Fix

English Press List - Incorrect link to the frame.

VoIP

New

VoIP - New section for VoIP devices

New

Menu  VoIP fraud  Motives for telephone fraud  Fraud in traditional telephony  Fraud in VoIP telephony  Typical VoIP frauds  Software against VoIP fraud  Responsibility for fraud  Defence against fraud

THREATS

New

Banking Malware - Banking trojans are a specific kind of trojan malware. Once installed onto a client machine, banking trojans use a variety of techniques to create botnets, steal credentials, inject malicious code into browsers, or steal money.

New

Ransomware - Ransomware is a type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid.

New

Malware - Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network (by contrast, software that causes unintentional harm due to some deficiency is typically described as a software bug).

New

Mobil malware - Mobile malware, as its name suggests, is malicious software that specifically targets the operating systems on mobile phones.

New

RAT malware - A Remote Access Trojan (RAT) is a type of malware that allows hackers to monitor and control your computer or network.

New

Global Threats -

New

Statistics -

New

Vulnerability - refers to the inability (of a system or a unit) to withstand the effects of a hostile environment. A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, compromised or lacking.

New

Predictions 2020 -

New

Cyber Analysis -

Change

ZeroDay - Added to the section.

Security

New

Banking - How to secure banking

Change

Ten Steps of Cybersecurity - Moved to this section CDC  SOC  CTI

Audit

New

H  Audit  Audit according to ISO standards  Role of the auditor  The institution of audit from the perspective of the audit service provider  Audit and its phases according to ISO 19011  Managing the audit programme  Conducting the audit  Audit conclusion and audit report  Audit according to the cybersecurity decree

New

Introduction  Law  Management system  ISO standards  Personal data protection  Security documents and policies

Zero Trust

New

Zero Trust - Zero Trust is a security concept built on the principle that organizations should not automatically trust anything inside or outside their perimeters and must instead verify everything that tries to connect to their systems before granting access.

Ten Steps of Cybersecurity

New

H  Risk management  Risk management according to ISO standards  Establishing the context  Identification and valuation of assets  Identification of threats and vulnerabilities  Risk analysis  Risk treatment

New

CDC - CDC Cyber Defence Center

New

SOC - SOC Security Operations Center

New

CTI - CTI Cyber threat intelligence

Statistics

New

The page contains individual statistics from reputable companies.

New

Statistics - Menu of the individual sections created.

KNOWLEDGE

New

+ Contains all the necessary knowledge about information technology.

New

+ Division into several sections

New

+ Menu created: Introduction  Introduction to Computer Science  Computer Networks  Operating Systems  Security  Technology  Programming  Administration  Management

I'VE BEEN HACKED

Change

New graphic design and simplified appearance.

Change

Changes made in all sections.

ENCYCLOPEDIA

Change

New graphic design and simplified appearance.

Change

A menu of links to the individual threats created directly on the main page.

Removal

Redundant images of individual threats removed.

Removal

Top menu removed for clarity in the new frame.

Removal

Individual page numbering and links removed for clarity (individual articles are divided by month)

ICS

New

New menu and sections Tactics  Techniques  Technique Matrix  Software  Groups

New

Techniques -

Collection

The adversary is trying to gather data of interest and domain knowledge on your ICS environment to inform their goal.

Command and Control

The adversary is trying to communicate with and control compromised systems, controllers, and platforms with access to your ICS environment.

Discovery

The adversary is trying to figure out your ICS environment.

Evasion

The adversary is trying to avoid being detected.

Execution

The adversary is trying to run malicious code.

Impact

The adversary is trying to manipulate, interrupt, or destroy your ICS systems, data, and their surrounding environment.

Impair Process Control

The adversary is trying to manipulate, disable, or damage physical control processes.

Inhibit Response Function

The adversary is trying to prevent your safety, protection, quality assurance, and operator intervention functions from responding to a failure, hazard, or unsafe state.

Initial Access

The adversary is trying to get into your ICS environment.

Lateral Movement

The adversary is trying to move through your ICS environment.

Persistence

The adversary is trying to maintain their foothold in your ICS environment.

Change

New graphic design

Incident

New

Years 2020  2019 were added

Update

Page update

English Press

Change

All sections converted to the year 2020.

Change

New graphic design of the menu and content.

Change

Articles from 2019 were mostly moved to the section for that year and deleted from the main page.

Blog Press

New

+ Congress blog added

Fix

Names of the individual blogs corrected

Global Threats

New

+ Menu created: H  APT  Attack  BigBrother  Bot  BotNet  Cryptocurrency  Exploit  ICS  IoT  Phishing  Privacy  Ransom  Rootkit  Soc.engineering  Social Network  Spam  Virus  Vulnerability  WiFi

Cyber Analysis

New

Preparation of the individual sections.

Certification exams

New

The pages cover certification exams and their specifications

New

Menu created: Computer Networks  Computer Security  Operating Systems  System Administration

New

List of exams + Learning material for successfully passing the exams CCNA  CCNP  CEH  CompTIA Security+  CompTIA A+

New

CCNA + Computer Networks  Cisco IOS

Threats Statics

New

Menu H  Top Attack  Infiltration  Communication  BlackList

New

Top Port Attack - List of the ports most frequently used for attacks.

Malware

New

Malware Techniques -

H  FileSystem  Registry  Generic OS Queries  Global OS object  UI artifacts  OS Features  Processes  Network  CPU  Hardware  Firmware tables  Hooks  Timing  WMI  Human-like behavior  macOS  Source: Checkpoint

New

RAT malware - Malware lists added

Cerberus

Gustuff

Hydra

Ginp

Anubis

Gh0st RAT

English Articles

Change

New menu and graphic design

New

Created the same monthly division as for the others.