• 14 September 2012 CERT Polska

    Do you really need Java?

    Article thumbnail

    In late August, Oracle has decided to release Java updates before the planned publication date on October 16 CPU (Critical Patch Update). According to reports update contains four security fixes. This year Oracle has already introduced 32 security fixes across all Java SE products. The immediate cause for the release …

    Read more
  • 13 August 2012 CERT Polska #malware

    More human than human – Flame’s code injection techniques

    Article thumbnail

    Flame aka Flamer aka Skywiper is a sophisticated trojan application discovered in 2012. Since then it has been the subject of extensive analysis by malware research community. The trojan has been recognized as extraordinarily complicatied, with a modular design and advanced algorithms. The degree of Flame’s complexity raised many …

    Read more
  • Ransomware: how to remove it, even when the computer does not boot?

    Article thumbnail

    We have recently published an article (in Polish) about ransomware malware (mainly WeelsOf) spreading in Poland. This kind of ransomware was initally mentioned on the abuse.ch blog: https://www.abuse.ch/?p=3718. It demands 100 Euro or 500 PLN in order to unlock our computer. We also published …

    Read more
  • Android malware sending Premium SMS targeting Polish users

    Article thumbnail

    CERT Polska received an Android malware sample. Both the application name ( poland_xxx.apk ) and its location (it was downloaded while visiting a popular Polish website, probably as a part of advertisement) may mean that Polish Internet users are targeted. Application sends three Permium-rate SMS, all of …

    Read more
  • 21 June 2012 CERT Polska #malware

    Analysis of a very social malware

    Article thumbnail

    Yesterday Polish security portal, Niebezpiecznik.pl, has informed about a new kind of malware spreading through Facebook (article in Polish). CERT Polska got a sample of this malicious software to analyse. Despite Facebook being not a new attack vector, this malware sample is very interesting. Currently it is detected by …

    Read more
  • 18 May 2012 CERT Polska

    An Anomaly in the μTorrent network

    Article thumbnail

    This article is based on observations in the ARAKIS system, which is built on top of a network of honeypots. 1. Introduction In recent weeks we continued to observe significant increase of uTorrent (uTP based) network activity. Some parts of recorded traffic triggered high-level alerts in the ARAKIS system informing …

    Read more
  • SECURE 2012 – Call for Speakers: A reminder

    Article thumbnail

    Less than three weeks left to submit your proposals for SECURE 2012 presentations. SECURE is an annual conference held by NASK and CERT Polska since 1996 with, dedicated entirely to IT security and addressed to the administrators, security team members and practitioners in this field. Particular emphasis is on practical …

    Read more
  • 16 April 2012 CERT Polska

    CERT Polska publishes the Annual Report for 2011

    Article thumbnail

    Our Annual Report for 2011 contains descriptive analysis of data about threats in Polish computer networks. The analysis is based mostly on 21 210 508 reports from automated sources, and, to a smaller extent 605 incidents registered from individuals’ reports. All data is categorised similarly to our past reports: Annual …

    Read more
  • 21 March 2012 CERT Polska #botnet

    Kelihos.B bot initial analysis

    Article thumbnail

    Recently, we encountered a very good article about another instance of the Kelihos botnet. According to results of research conducted by the author, most of the machines involved in the fast-flux network scheme are located in Poland. That’s why we decided to take a closer look at available samples …

    Read more
  • SECURE 2012 – Call for Speakers

    Article thumbnail

    Although Anonymous attacks on the Polish government (and others as well) have been the dominating topic of IT security news in Poland for quite some time, hacktivism is not likely to be the only highlight of this year’s SECURE Conference. While security researchers, CERTs and law enforcement are becoming …

    Read more