Researchers uncover PowerShell Trojan that uses DNS queries to get its orders

If you build it, the hackers will come. That's just a fact, folks.

Researchers at Cisco's Talos threat research group are publishing research today on a targeted attack delivered by a malicious Microsoft Word document that goes to great lengths to conceal its operations. Based entirely on Windows PowerShell scripts, the remote access tool communicates with the attacker behind it through a service that is nearly never blocked: the Domain Name Service.

The malware was first discovered by a security researcher (@simpo13) who alerted Talos because of one peculiar feature of the code that he discovered: it called out Cisco's SourceFire security appliances in particular with the encoded text, "SourceFireSux." 

Da Boss!

Website: www.digitalsmind.com
