In Kazakhstan National Computer Emergency Response Team (KZ-CERT) was founded in 2011.
- monitoring and detection of internet resources violationg law of the Republic of Kazakhstan;
- elaboration of propositions and recommendations on guarding the interests of person, society and state in information space;
- provide information security consulting services;
- fast and thorough gathering of information about cyber attacks or other suspicious activities.
- coordination of public and telecommunication operators’ cyber security units and other actors of national information infrastructure in the issues regarding prevention of violations in information and communication technologies;
- collection, analysis and storing information concerning existing threats to cybersecurity and effectiveness of implemented security measures
17 October 2014
SSDP-Based DDoS Attacks on the Rise
After using the NTP (Network Time Protocol) to conduct amplified distributed denial-of-service attacks, the current trend shows that SSDP (Simple Service Directory Protocol) has gained in popularity.
Telemetry data from Arbor Networks, a company offering distributed denial-of-service (DDoS) attack mitigation services, SSDP is accountable for 42% of the incidents above 10Gbps recorded by their systems in September.
For the entire third quarter of 2013, the company monitored almost 30,000...
14 October 2014
Beware of phishing!
Kazkommertsbank’s officers discovered Phishing Scams, which invokes to enter credentials of Homebank.kz in the body of email of the following type:
This email distribution is fraudulent and responding to it you will compromise your personal data.
We ask you to ignore these kinds of emails because bank will never ask you to enter your credentials in the email. The only place you can carefully enter your credentials is financial portal page: https://www.homebank.kz...
13 October 2014
Phishing with help from Compromised WordPress Sites
Majority of these kinds of resources use vulnerable plugins for Wordpress, which are used for site comprometation.
Sites on the basis of CMS WordPress, are often compromised and then used to send spam and phishing emails. This is often due to the use of outdated version of the popular CMS or vulnerable plugins for it. It is reported by Daniel Cid (Daniel Cid), Sucuri company specialist.
As an example, Sid demonstrated one of the phishing messages, which he received. It proposed...