Monday, August 31, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Tuesday, September 1st 2015 http://ift.tt/1IB4mjJ, (Tue, Sep 1st)



from SANS Internet Storm Center, InfoCON: green

Feedly:SANS Internet Storm Center, InfoCON: green. Encryption of "data at rest" in servers, (Tue, Sep 1st)



from SANS Internet Storm Center, InfoCON: green

Over in the SANS ISC discussion forum, a couple of readers have started a good discussion

Feedly:SANS Internet Storm Center, InfoCON: green. Gift card from Marriott?, (Tue, Sep 1st)



from SANS Internet Storm Center, InfoCON: green

Always nice when the spammers are so forthcoming to send their latest crud directly to our SANS I ...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Belgium plans collection of plane, train, ferry users' data



from Security News - Software vulnerabilities, data leaks, malware, viruses

Belgium on Monday unveiled plans for a controversial system to collect data on all airline passengers, as well as international train and ferry travellers, in the wake of a foiled attack on a train running between Belgium and Paris.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Report: Colombia collecting bulk data without warrants



from Security News - Software vulnerabilities, data leaks, malware, viruses

Intelligence agencies in Colombia have been building robust tools to automatically collect vast amounts of data without judicial warrants and in defiance of a pledge to better protect privacy following a series of domestic spying scandals, according to a new report by Privacy International.

Feedly:TrendLabs Security Intelligence Blog. Macro Threats and Ransomware Make Their Mark: A Midyear Look at the Email Landscape



from TrendLabs Security Intelligence Blog

Email can be considered a big business—for cybercrime. In 2014, 196.3 billion emails were sent and received daily. Of that number, 108.7 billion were business emails. With the volume of business emails sent daily, it would be unimaginable for cybercriminals not to take advantage of email to target big businesses. And those attempts can result in million-dollar […]

Feedly:Threats RSS Feed - Symantec Corp.. Downloader.Escelar!gm



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Malwarebytes Unpacked. Genieo installer tricks keychain



from Malwarebytes Unpacked

Earlier this month, an adware installer was found to be taking advantage of the DYLD_PRINT_TO_FILE vulnerability in OS X. Now Malwarebytes researcher Adam Thomas, who discovered that issue, has found a newer variant of this installer that's pulling some new tricks.

Feedly:Darknet - The Darkside. Tiger – Unix Security Audit & Intrusion Detection Tool



from Darknet - The Darkside

Feedly:. Jailbreak iOS Trojan KeyRaider used as part of free apps scam



from

Attackers claim to offer premium apps to iOS devices for free by using stolen Apple ID accounts.

Feedly:Threats RSS Feed - Symantec Corp.. IOS.Keyraider



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Taking A Break From Research To Accelerate Startups: SSC 2015



from Securelist - Information about Viruses, Hackers and Spam

How would you describe the best job in the world of security research? Would it be to work at the forefront of security research, diving into the bits and bytes of advanced malware and global threats, or to have a… Read Full Article

Feedly:SANS Internet Storm Center, InfoCON: green. Detecting file changes on Microsoft systems with FCIV, (Mon, Aug 31st)



from SANS Internet Storm Center, InfoCON: green

Microsoft releases often interesting tools to help systemadministrato ...(more)...

Feedly:Virus alerts. August 2015 Android malware review from Doctor Web



from Virus alerts

August 31, 2015

PRINCIPAL TRENDS IN AUGUST

  • Banking Trojans continue to threaten mobile devices' owners
  • New cases of Android Trojans being employed by cybercriminals to spy on users
  • Growing number of Android ransomware
  • Growing number of SMS Trojans

Number of entries for malicious and unwanted software targeting Android OS in Dr.Web virus database

July 2015 | August 2015 | Dynamics
11,422 | 12,504 | +9.47%

Mobile threat of the month

In August, Doctor Web security researchers detected and examined a new Android Trojan named Android.Backdoor.260.origin. This malicious program is distributed among Chinese users and is intended to spy on its victims. In particular, the Trojan can intercept SMS and QQ messages, steal contact list data, make audio records using the built-in microphone, track GPS coordinates of the infected device, and collect data entered by the user.

Android.Backdoor.260.origin has the following characteristics:

  • Gets installed on the system as an update
  • Once launched, removes its shortcut, “hiding” from the user
  • Attempts to plant a number of modules into system folders
  • Communication between malicious components is carried out through UNIX sockets
  • Tries to install a potentially dangerous utility that allows intercepting data entered by the user
  • Can be controlled by cybercriminals remotely

Find out more about the malicious application in this news article.

Banking Trojans

During the previous month, virus makers continued to distribute various Trojans designed to steal money from bank accounts of mobile devices' owners. Although the number of such attacks was not as large as before, many users still fell victim to them. Again, to distribute banking Trojans, cybercriminals employed spam campaigns involving short messages with malware download links.

In this manner, a Trojan named Android.MulDrop.69.origin was distributed among Android users in South Korea. The malware installed Android.MulDrop.38 on mobile devices, and this program, in turn, installed a banking Trojan named Android.BankBot.74.origin.

In Russia, cybercriminals employed MMS messages to distribute such banking Trojans as Android.SmsBot.365.origin and Android.SmsBot.451.origin.

The number of entries for banking Trojans of the Android.BankBot family in Dr.Web virus database:

July 2015 | August 2015 | Dynamics
135 | 138 | +2.22%

The number of entries for banking Trojans of the Android.SmsBot family in Dr.Web virus database:

July 2015 | August 2015 | Dynamics
473 | 495 | +4.65%

  • Android.MulDrop.69.origin

    A Trojan designed to distribute and install other malware on Android mobile devices.
  • Android.MulDrop.38

    A Trojan designed to distribute and install other malware on Android mobile devices.
  • Android.BankBot.74.origin

    A Trojan designed to steal money from bank accounts of Android devices' owners.
  • Android.SmsBot.365.origin

    A Trojan designed to steal money from bank accounts of Android devices' owners.
  • Android.SmsBot.451.origin

    A Trojan designed to steal money from bank accounts of Android devices' owners.

Android ransomware

In August, the number of ransomware Trojans belonging to the Android.Locker family grew significantly. These malicious programs lock mobile devices and demand a ransom to unlock them. During the previous month, Dr.Web virus database was updated with new entries for these Trojans:

July 2015 | August 2015 | Dynamics
356 | 431 | +21%

SMS Trojans

Moreover, during the previous month, a large number of new SMS Trojans were detected. These malicious applications send messages to premium numbers and subscribe users to chargeable services without their victims' knowledge. The number of entries for SMS Trojans of the Android.SmsSend family in Dr.Web virus database:

July 2015 | August 2015 | Dynamics
5,259 | 5,728 | +9%

Feedly:TrendLabs Security Intelligence Blog. Blackmail, Deletion Offers Hit Ashley Madison Users



from TrendLabs Security Intelligence Blog

How much is keeping a secret worth? According to hackers taking advantage of the Ashley Madison hack, it’s worth only up to one Bitcoin – around 230 US dollars at current exchange rates. Soon after the data from the breach was leaked to the public, we knew that there would be some sort of other […]

Feedly:Malware don't need Coffee. Angler has a new exploit for Flash 18.0.0.209



from Malware don't need Coffee

Friday, August 28, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. Automating Metrics using RTIR REST API, (Sat, Aug 29th)



from SANS Internet Storm Center, InfoCON: green

Feedly:Errata Security. On science literacy...



from Errata Security

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Kotver



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Malware Must Die!. MMD-0039-2015 - Learning about VBE Obfuscation & AutoIt Banco Trojan



from Malware Must Die!

Feedly:We Live Security » Languages » English. 8 security tips for gamers: go play with no worries!



from We Live Security » Languages » English

It is possible to enjoy videogames by applying practical security measures that will keep us safe. In this article, we look at 8 security tips.

The post 8 security tips for gamers: go play with no worries! appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. This PUP Alerts You of a Zombie Invasion



from Malwarebytes Unpacked

Apps are constantly created to address certain needs. The more helpful an app claims to be, especially in times of crisis, the more users would likely take interest in them. Some alert apps, however, need a much closer look.

Feedly:Malwarebytes Unpacked. Business Email Scams: A Growing Threat



from Malwarebytes Unpacked

Business Email Scams: is that email from the CEO asking for a wire transfer the real deal? Learn to spot the tell-tale signs of a fake...

Feedly:We Live Security » Languages » English. iOS vulnerability Ins0mnia fixed by Apple



from We Live Security » Languages » English

Apple has resolved a serious security vulnerability known as Ins0mnia in its latest update.

The post iOS vulnerability Ins0mnia fixed by Apple appeared first on We Live Security.

Feedly:We Live Security » Languages » English. LizardStresser: Six people arrested in connection with Lizard Squad’s DDoS attack tool



from We Live Security » Languages » English

British police have today announced the arrest of six people in connection with distributed denial-of-service (DDoS) attacks that attempted to bring down websites belonging to – amongst others – a national newspaper, a school and a number of online retailers.

The post LizardStresser: Six people arrested in connection with Lizard Squad’s DDoS attack tool appeared first on We Live Security.

Feedly:SANS Internet Storm Center, InfoCON: green. Test File: PDF With Embedded DOC Dropping EICAR , (Fri, Aug 28th)



from SANS Internet Storm Center, InfoCON: green

My

Feedly:Bitdefender Labs. Vulnerability in JetAudio and JetVideo Media Players Allows for Arbitrary Code Execution



from Bitdefender Labs

An arbitrary code execution in the JetAudio Basic (v8.1.3) and JetVideo media players for Windows could allow an attacker to craft a malicious “.asf” file and compromise the host, according to findings of the Bitdefender Research Team. The JetAudio Basic … Continue reading

Thursday, August 27, 2015

Feedly:TrendLabs Security Intelligence Blog. Targeted Attacks: Not All Attacks Need To Be Sophisticated



from TrendLabs Security Intelligence Blog

The security industry loves to talk about how “sophisticated” attacks can be. Usually this takes the form of us saying how advanced and sophisticated an attack is, what new methods were used to hide servers or make analysis harder, etcetera. However, it’s easy to forget that not all attacks need to be technically sophisticated; instead […]

Feedly:Xanda's Blog !~!. Yara Rule for Angler EK redirector JS



from Xanda's Blog !~!

A few friends pinged me recently and asked for intel on Angler EK. One of the things that I can really release publicly at the moment without interfering/conflicting with my employer’s interest is the YARA rule to detect the Angler Exploit Kit redirector. The redirector is actually JS code, injected into an innocent page to redirect visitor […]

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Friday, August 28th 2015 http://ift.tt/1LER8tJ, (Fri, Aug 28th)



from SANS Internet Storm Center, InfoCON: green

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Cheater website Ashley Madison had few women: report



from Security News - Software vulnerabilities, data leaks, malware, viruses

If one analysis of hacked data from Ashley Madison is true, the affair-seeker website promoted a lot of talk, but little action.

Feedly:Threats RSS Feed - Symantec Corp.. JS.Downloader!gen5



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:TrendLabs Security Intelligence Blog. FTC Has Authority to Enforce Corporate Cybersecurity



from TrendLabs Security Intelligence Blog

Up to now, there have been relatively few laws or regulations from government agencies that mandate just how companies should protect their data. In the United States, however, that may be about to change. Earlier this week, the United States Court of Appeals for the Third Circuit decided in FTC v. Wyndham Worldwide Corp. that the […]

Feedly:We Live Security » Languages » English. Ashley Madison: A timeline of events



from We Live Security » Languages » English

The Ashley Madison attack could be one of the most notable instances of cybercrime in 2015. Here's a timeline of the key events.

The post Ashley Madison: A timeline of events appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. Angler Exploit Kit Strikes on MSN.com via Malvertising Campaign



from Malwarebytes Unpacked

The same actors behind the recent Yahoo and Azure malvertising attacks went after MSN.com this time.

Feedly:. Scammers quick to capitalize on Ashley Madison breach



from

Symantec telemetry shows surge in spam messages mentioning Ashley Madison megabreach.

Feedly:Threats RSS Feed - Symantec Corp.. W32.Cridex!gen5



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Worm.

Feedly:. Regin: Further unravelling the mysteries of a cyberespionage threat



from

Symantec’s investigation uncovers additional modules for the Regin spying tool and finds advanced infrastructure supporting it.

Symantec’s continuing investigation into the Regin Trojan has cast new light on the cyberespionage tool, revealing a wider range of capabilities and a complex infrastructure supporting the threat. 

Feedly:Malwarebytes Unpacked. “Girls List” Spam Landing in Mailboxes



from Malwarebytes Unpacked

Spam mails are offering up so-called "girl lists". As it turns out, there are no lists - but you may need to avert your eyes should you open the attachment...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Report links hacking scheme to Iran



from Security News - Software vulnerabilities, data leaks, malware, viruses

Researchers have linked a sophisticated hacking scheme targeting Iranian dissidents back to Iran.

Feedly:Securelist - Information about Viruses, Hackers and Spam. Taking root



from Securelist - Information about Viruses, Hackers and Spam

We analyzed the statistics we had collected from May to August 2015 and identified three main Trojan families that use root privileges on the device to achieve their goals.

Feedly:The Citizen Lab. Call from London: Two-Step Password Phishing from Iran



from The Citizen Lab

This report addresses a growing campaign of phishing attacks against users across Iran and at least one attack on a Western activist. These attacks attempt to bypass the additional security provided by Google's two-step verification, and rely heavily on phone calls and real-time login attempts by the attacker. Interestingly, these attacks generally began with a phone call from the United Kingdom, and the hackers communicated in either Persian or English.

The post Call from London: Two-Step Password Phishing from Iran appeared first on The Citizen Lab.

Feedly:The Citizen Lab. London Calling: Two-Factor Authentication Phishing From Iran



from The Citizen Lab

This report describes an elaborate phishing campaign using two-factor authentication against targets in Iran’s diaspora, and at least one Western activist.

The post London Calling: Two-Factor Authentication Phishing From Iran appeared first on The Citizen Lab.

Feedly:SANS Internet Storm Center, InfoCON: green. PDF + maldoc1 = maldoc2, (Wed, Aug 26th)



from SANS Internet Storm Center, InfoCON: green

I received another example of a

Feedly:Malware Analysis. Maltelligence



from Malware Analysis

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. State Department officials routinely sent secrets over email



from Security News - Software vulnerabilities, data leaks, malware, viruses

The transmission of now-classified information across Hillary Rodham Clinton's private email is consistent with a State Department culture in which diplomats routinely sent secret material on unsecured email during the past two administrations, according to documents reviewed by The Associated Press.

Wednesday, August 26, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Thursday, August 27th 2015 http://ift.tt/1i3hbhm, (Thu, Aug 27th)



from SANS Internet Storm Center, InfoCON: green

Feedly:The Citizen Lab. The Citizen Lab wins 2015 Pioneer Award



from The Citizen Lab

The Citizen Lab is one of the winners of the 2015 Pioneer Award, awarded by the Electronic Frontier Foundation (EFF).

The post The Citizen Lab wins 2015 Pioneer Award appeared first on The Citizen Lab.

Feedly:We Live Security » Languages » English. Support Scams, Malware and Mindgames without Frontiers



from We Live Security » Languages » English

Introduction It might not have escaped your notice that I write quite a lot about support scams, an issue in which most commentators in the security industry take only sporadic interest and tend to regard as of only niche interest. (As when a scammer is damaging their brand or product in some way, for instance

The post Support Scams, Malware and Mindgames without Frontiers appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. “Rewards” Page Promises Discount for Your PUP Purchase



from Malwarebytes Unpacked

The site is called Web Rewards. And it wants you to complete a survey to make sure that the program it offers will address all your computer problems—for a cheaper price.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Companies hope cybersecurity experts in the boardroom can counter hacks



from Security News - Software vulnerabilities, data leaks, malware, viruses

The board of directors at construction and engineering company Parsons Corp. needed to fill a seat two years ago.

Feedly:TrendLabs Security Intelligence Blog. Revisiting CVE-2015-3823: Mediaserver Bug Leads To Heap Overflow, Too



from TrendLabs Security Intelligence Blog

Issues surrounding the Android mediaserver component continue. It has been brought to our attention that a vulnerability (CVE-2015-3823) could (theoretically) be used for arbitrary code execution as well. On August 23, Google raised the severity of this vulnerability to “critical”, indicating that code execution was possible. We have previously discussed how this bug in the mediaserver component of […]

Feedly:We Live Security » Languages » English. Dolphin and Mercury Android browsers have major vulnerabilities



from We Live Security » Languages » English

Dolphin and Mercury Android browsers have major vulnerabilities, allowing for remote code execution and arbitrary reading and writing of files.

The post Dolphin and Mercury Android browsers have major vulnerabilities appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Backdoor.Uwarrat



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. International contest asks hackers to write 'evil' code



from Security News - Software vulnerabilities, data leaks, malware, viruses

While most hackathons and programming contests encourage participants to develop usable software, a contest hosted by Binghamton University's Scott Craver asks users to develop code that is "subtly evil."

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Ashley Madison hack strikes fear in outed users



from Security News - Software vulnerabilities, data leaks, malware, viruses

Two years ago, trapped in what he remembers as "a dead marriage," Michael logged on to adulterous dating site Ashley Madison for the first time. He was less than impressed.

Tuesday, August 25, 2015

Feedly:Fortinet Blog. CryptoGirl on StageFright: A Detailed Explanation



from Fortinet Blog

Detecting the PoCs published by Zimperium is not difficult: you can fingerprint the PoCs, for example. Detecting variants of the PoCs, i.e., MP4s that use one of the discovered vulnerabilities, is far more difficult. I'l...

Feedly:SANS Internet Storm Center, InfoCON: green. Actor that tried Neutrino exploit kit now back to Angler, (Wed, Aug 26th)



from SANS Internet Storm Center, InfoCON: green

Introduction

Last week, we saw the group behind a significant ...(more)...

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Wednesday, August 26th 2015 http://ift.tt/1JxkV59, (Wed, Aug 26th)



from SANS Internet Storm Center, InfoCON: green

Feedly:We Live Security » Languages » English. An Ashley Madison response plan: does your company have one?



from We Live Security » Languages » English

The Ashley Madison data breach has created fresh cybersecurity threats for all organizations. A company response plan is needed. Here's what you need to know.

The post An Ashley Madison response plan: does your company have one? appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Backdoor.Trojan.LH2



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Audit: California agencies vulnerable to IT security breach



from Security News - Software vulnerabilities, data leaks, malware, viruses

Many California state agencies are not complying with the state's information technology standards, leaving them vulnerable to a major security breach of sensitive data such as Social Security numbers, health information or tax returns, the state auditor reported Tuesday.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Ashley Madison users in US sue cheating website



from Security News - Software vulnerabilities, data leaks, malware, viruses

Eight people across the U.S. who registered to use Ashley Madison are suing the cheating website after hackers released personal and detailed information on them and millions of other users, including credit card numbers and sexual preferences.

Feedly:SANS Internet Storm Center, InfoCON: green. Dropbox Phishing via Compromised Wordpress Site, (Tue, Aug 25th)



from SANS Internet Storm Center, InfoCON: green

I got a couple of emails today notifying me of a Compulsory Email Account Update for my Dropbox a ...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. University student pleads guilty to making Android spy app



from Security News - Software vulnerabilities, data leaks, malware, viruses

A Carnegie Mellon University student has pleaded guilty to developing and selling malicious software that allowed others to remotely control Google Android smartphones, including using the phones' cameras to spy on their owners.

Feedly:We Live Security » Languages » English. Revolutionary Windows 95 turns 20



from We Live Security » Languages » English

1995 was a landmark year for technology, the internet and home computing. We can thank Windows 95 for a lot of the perks we find ourselves with today.

The post Revolutionary Windows 95 turns 20 appeared first on We Live Security.

Feedly:Virus alerts. Yet another Android Trojan spies on Chinese users



from Virus alerts

August 25, 2015

Due to the fact that Android.Backdoor.260.origin is distributed as “AndroidUpdate”, potential victims are very likely to install it on their mobile devices.

Android.Backdoor.260.origin has a rather complicated module architecture—that is, its main malicious features are implemented in special modules incorporated into the malware's software package. When launched for the first time, the Trojan extracts the following additional components:

  • super,
  • detect,
  • liblocSDK4b.so,
  • libnativeLoad.so,
  • libPowerDetect.cy.so,
  • 1.dat,
  • libstay2.so,
  • libsleep4.so,
  • substrate_signed.apk,
  • cInstall.

Next, it tries to run the binary cInstall file (detected by Dr.Web as Android.BackDoor.41) with root privileges. If the attempt is successful, this malicious module plants a number of files extracted earlier into system folders and tries to stealthily install a utility called “Substrate”. This tool expands functionality of applications and is used by Android.Backdoor.260.origin to intercept entered data. If the Trojan does not succeed in acquiring root privileges, then, most likely, it will fail to install necessary components. As a result, the malware will not be able to perform the majority of its functions properly.

Once all the modules are installed, Android.Backdoor.260.origin removes its shortcut created earlier and launches the malicious service called PowerDetectService. This service runs the malicious module with the name libnativeLoad.so, which has been added to Dr.Web virus database under the name of Android.BackDoor.42, and Substrate (detected by Dr.Web as Tool.Substrate.1.origin). In fact, this tool is not actually malicious and can be easily downloaded from Google Play. However, cybercriminals have modified the original application and incorporated the new version into Android.Backdoor.260.origin. As a result, the tool became potentially dangerous for mobile devices' users.

The libnativeLoad.so component runs the “detect” file (Android.BackDoor.45) that initiates the work of the binary 1.dat module (Android.BackDoor.44). This module, in turn, activates the libsleep4.so library (Android.BackDoor.46) that constantly takes screenshots and intercepts data entered by the user and the libstay2.so library (Android.BackDoor.43) whose purpose is to steal contact list data and monitor SMS messages and messages exchanged via QQ.

Moreover, the 1.dat component can receive a number of commands from the command and control server—among them are the following ones:

  • DOW—download a file from the server
  • UPL—upload a file to the server
  • PLI, PDL, SDA—update malicious modules and settings
  • DIR—get the list of files residing in the specified folder
  • DTK—write the contents of the specified folder into a file
  • OSC, STK—run a search for the specified file or folder
  • OSF—abort the search of the specified file
  • DEL—delete the specified file
  • SCP—take a screenshot
  • BGS—activate the microphone and start recording
  • GPRS—start tracking GPS coordinates

It should be noted that while some commands are executed by the 1.dat module on its own, other commands are carried out with the help of other malicious libraries that closely communicate with each other through UNIX sockets using the following double-byte commands:

  • 0x2633—start recording using the built-in microphone,
  • 0x2634—stop recording,
  • 0x2635—update the configuration file to record audio,
  • 0x2629—copy the contact list,
  • 0x2630—copy the contact list,
  • 0x2631—copy SMS messages,
  • 0x2632—copy the call log,
  • 0x2628—forward information on the device's location to the server,
  • 0x2532—forward information on the process name of the currently used application,
  • 0x2678—upload the data entered by the user to the server.

Once again, Doctor Web security researchers would like to warn users against installing applications downloaded from unreliable sources. Moreover, we would like to remind users of the importance of protecting mobile devices with reliable anti-virus software. Signatures of Android.Backdoor.260.origin and its components have been added to Dr.Web virus database. Therefore, these malicious programs pose no threat to users of Dr.Web for Android.

Feedly:We Live Security » Languages » English. FTC can punish organisations with poor cybersecurity



from We Live Security » Languages » English

FTC has the authority to hold organisations to account for failing to deliver tough cybersecurity measures.

The post FTC can punish organisations with poor cybersecurity appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Gatak!gen5



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Malwarebytes Unpacked. Browsefox variant High Stairs



from Malwarebytes Unpacked

We take a look at Browsefox variant High Stairs.

Feedly:We Live Security » Languages » English. Make password into a story and more parental hacks



from We Live Security » Languages » English

It’s important to ensure your child's data and devices are secure at school and at home. Check out our back to school digital security guide.

The post Make password into a story and more parental hacks appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. Instagram Follower Booster Leads to SMS Browser Extension PUP



from Malwarebytes Unpacked

If you try to boost your Instagram follower count, you might just end up increasing the amount of programs installed on your PC instead...

Monday, August 24, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Tuesday, August 25th 2015 http://ift.tt/1fCJjX3, (Tue, Aug 25th)



from SANS Internet Storm Center, InfoCON: green

Feedly:Malwarebytes Unpacked. A Week in Security (Aug 16 – Aug 22)



from Malwarebytes Unpacked

A compilation of notable security news and blog posts from August 16 to 22.

Feedly:Threats RSS Feed - Symantec Corp.. Infostealer.Canfili



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Journalist puts Windows 10 face recognition feature to test



from Security News - Software vulnerabilities, data leaks, malware, viruses

If Windows Hello could talk it would possibly be bragging: Hello Mary. Hello Merry. What, you think I can't tell?

Feedly:. Sundown exploit kit adds Internet Explorer exploit before any other kit



from

The Sundown exploit kit has been the first to integrate an exploit for the CVE-2015-2444 bug, using it in a recent watering-hole attack.

While tracking exploit activity, Symantec found that the Sundown exploit kit (EK) has started to take advantage of a recent Internet Explorer vulnerability known as CVE-2015-2444.

Feedly:SANS Internet Storm Center, InfoCON: green. Are You Protecting your "Backdoor" ?, (Mon, Aug 24th)



from SANS Internet Storm Center, InfoCON: green

Hardly anybody has physical access to critical public facing servers. Usually, they are located i ...(more)...

Feedly:The Citizen Lab. Job Posting: Security Researcher / Malware Analyst



from The Citizen Lab

The Citizen Lab at the University of Toronto’s Munk School of Global Affairs is hiring a Security Researcher / Malware Analyst to support our work on threats against civil society.

The post Job Posting: Security Researcher / Malware Analyst appeared first on The Citizen Lab.

Feedly:. Android ransomware: Tricks of the trade



from

A look at some of the detection-evasion and anti-analysis tactics employed by Android ransomware.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Despite Ashley Madison furore, our view of infidelity has not always been fixed



from Security News - Software vulnerabilities, data leaks, malware, viruses

When in 2010 I interviewed Noel Biderman, founder of infidelity website Ashley Madison, he said: "It's easy to vilify me. But I'm not doing anything wrong. I didn't invent infidelity." He had a point, though at the time the moral outrage generated by the site suggested that Biderman had not only invented adultery, but all the evil in the internet too.

Feedly:We Live Security » Languages » English. How does facial recognition technology work?



from We Live Security » Languages » English

In this hi-tech age, your face is increasingly becoming a digital ID or authenticating who you are online. We look at how facial recognition software works.

The post How does facial recognition technology work? appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Ashley Madison members ‘easy target for extortion’



from We Live Security » Languages » English

There is the very real possibility that members of the infidelity website Ashley Madison may be subject to extortion threats.

The post Ashley Madison members ‘easy target for extortion’ appeared first on We Live Security.

Feedly:Threats RSS Feed - Symantec Corp.. Downloader.Upatre!g18



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Fox-IT International blog. Finding the hidden attacker in your network



from Fox-IT International blog

Imagine the following scenario: you are the CIO of an organization and receive a phone call from an external party, informing you that suspicious traffic has been observed between your company network and a remote server. The incident response turns up that an attacker has been present in your network for over 6 months, and […]

Sunday, August 23, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Monday, August 24th 2015 http://ift.tt/1Luo5c4, (Mon, Aug 24th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Are we too predictable in our Android lock patterns?



from Security News - Software vulnerabilities, data leaks, malware, viruses

After months—no, years—of security blogs telling us how dumb it is to choose easy to guess passwords such as password1234, we look for answers in ideas for strong authentication schemes. As for the Android pattern method of locking screens, one study coming from Norway suggests we're not exactly talking magic bullets.

Friday, August 21, 2015

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Ashley Madison hackers vow more attacks: report



from Security News - Software vulnerabilities, data leaks, malware, viruses

The hacking group behind the Ashley Madison breach compared the affair-seeking website to "a drug dealer abusing addicts" in an email exchange threatening to carry out more attacks.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Experts: Deleted online information never actually goes away



from Security News - Software vulnerabilities, data leaks, malware, viruses

The Ashley Madison hack is a big reminder to all Web users: If you submit private data online, chances are it will never fully be deleted.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Things to know about Ashley Madison breach: Who's affected?



from Security News - Software vulnerabilities, data leaks, malware, viruses

The spectacular breach at adultery site Ashley Madison gave rise to sordid tales of horrified spouses rushing to get tested for sexually transmitted diseases, frantic phone calls to lawyers and torrid confrontations with spouses. But hard information has been hard to come by. Even the true number of people affected by the breach has been clouded by uncertainty over how many of the roughly 39 million members Ashley Madison claims to have are genuine.

Feedly:Malwarebytes Unpacked. Round 2 – Impact Team vs. Ashley Madison



from Malwarebytes Unpacked

Quantum Magazine, an online magazine accessible only via the dark-web client known as TOR, was first to get the scoop on the newest data release from the Ashley Madison hack that was executed by Impact Team.

Feedly:Malwarebytes Unpacked. Telstra Media’s Homepage Pushes Malvertising



from Malwarebytes Unpacked

Telstra home users may have been infected via a malicious ad on the ISP's home page.

Feedly:Malwarebytes Unpacked. Exploring an “MBAM for Windows 10” website…



from Malwarebytes Unpacked

We take a look at a site offering up a "Windows 10 ready" version of MBAM.

Feedly:We Live Security » Languages » English. How to nurture your child’s security genius



from We Live Security » Languages » English

Is your child an internet security genius? If cybersecurity is their thing and you think it could be their future livelihood, here’s what you can do to harness that potential for a career that is exciting and financially lucrative. Sign up for free online courses Signing up for the CISSP (Certified Information Systems Security Professional) course

The post How to nurture your child’s security genius appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Ambiguous new Windows 10 update ‘improves functionality’



from We Live Security » Languages » English

The new Windows 10 update doesn’t offer any detail as to what it fixes or improves, leaving many to question why the tech giant has been so vague.

The post Ambiguous new Windows 10 update ‘improves functionality’ appeared first on We Live Security.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Honeypots versus hackers



from Security News - Software vulnerabilities, data leaks, malware, viruses

Production processes are becoming increasingly interconnected with digital communications technologies, opening new gateways for criminals operating on the Internet. The IT Security Technology Field at Siemens Corporate Technology is developing sophisticated solutions to protect against cyber crime and is subjecting them to rigorous testing, in part using its own team of hackers.

Feedly:Threats RSS Feed - Symantec Corp.. Backdoor.Emdivi!gm



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Why there must be freedom to publish flaws and security vulnerabilities



from Security News - Software vulnerabilities, data leaks, malware, viruses

Two academics have been given permission to publish their security research which reveals vulnerabilities in a wireless car locking system. It comes two years after Volkswagen, one of the manufacturers using it, won a court injunction banning publication.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Life's short, have you had an affair?



from Security News - Software vulnerabilities, data leaks, malware, viruses

Today, millions of very nervous adults are furtively checking sites like "Have I been Pwned" to check if their account details at Ashley Madison have been leaked. Others are checking if their partners or acquaintances had accounts. The hacking and subsequent release of data from the world's biggest infidelity-focussed dating service continues to reverberate, provoking an interesting suite of ethical questions.

Feedly:Malwarebytes Unpacked. Stranger Danger and the Sociable Child



from Malwarebytes Unpacked

Coby Persin, a known prankster online, has demonstrated in a viral video how easily anyone’s underage child can be lured by pedophiles to meet them in person. So I dived in to see the results of his social experiment myself.

Feedly:Securelist - Information about Viruses, Hackers and Spam. A Phishing Trampoline – embedding redirects in PDF documents



from Securelist - Information about Viruses, Hackers and Spam

Today I ran into a typical fraud email claiming to come from a U.S. bank but with a twist! Analyzing the attachment, it turns out that there’s no malware inside but instead a new middle step to fool lesser security software.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Cheating site logged federal subscribers with sensitive jobs



from Security News - Software vulnerabilities, data leaks, malware, viruses

U.S. government employees with sensitive jobs in national security or law enforcement were among hundreds of federal workers found to be using government networks to access and pay membership fees to the cheating website Ashley Madison, The Associated Press has learned.

Feedly:TrendLabs Security Intelligence Blog. Ashley Madison: A Tale of Sex, Lies, and Data Breaches



from TrendLabs Security Intelligence Blog

Data breaches rarely make for sensational news. Media outlets may report about them but public interest often dies down after a week or two. Or that was the case until the Ashley Madison breach happened. The recent leak of the Ashley Madison accounts is the culmination of a month-long digital stand-off between the site that […]

Thursday, August 20, 2015

Feedly:SANS Internet Storm Center, InfoCON: green. A recent decline in traffic associated with Operation Windigo, (Fri, Aug 21st)



from SANS Internet Storm Center, InfoCON: green

Introduction

According to a 2014 report by ESET, Windigo is t ...(more)...

Feedly:We Live Security » Languages » English. Bundestag computer system goes offline



from We Live Security » Languages » English

The computer system in the Bundestag is now offline, to allow technicians to perform essential maintenance work.

The post Bundestag computer system goes offline appeared first on We Live Security.

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Friday, August 21st 2015 http://ift.tt/1E8QphV, (Fri, Aug 21st)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Q&A: Ashley Madison hack only latest high-profile breach



from Security News - Software vulnerabilities, data leaks, malware, viruses

The data breach affecting customers of the Ashley Madison website may be salacious, embarrassing or even ruinous for those involved. But it's only the latest, and not the biggest, high-profile breach of customer or employee data reported in recent years.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Cheating website subscribers included WH, Congress workers



from Security News - Software vulnerabilities, data leaks, malware, viruses

Hundreds of U.S. government employees—including some with sensitive jobs in the White House, Congress and law enforcement agencies—used Internet connections in their federal offices to access and pay membership fees to the cheating website Ashley Madison, The Associated Press has learned.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. New data leaked from 'cheater' site Ashley Madison



from Security News - Software vulnerabilities, data leaks, malware, viruses

Hackers released a second batch of data Thursday from the affair-seeker website Ashley Madison, including corporate emails and sensitive computer source code.

Feedly:Errata Security. A lesson in BitTorrent



from Errata Security

Feedly:Errata Security. AshMad is prostitution not adultery



from Errata Security

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Trusted electronic hardware: Top 10 list of what consumers trust most



from Security News - Software vulnerabilities, data leaks, malware, viruses

Society puts a lot of trust in its electronic devices. Whether following a GPS to the beach or paying a bill online, consumers rely on their electronics for everyday tasks.

Feedly:Malwarebytes Unpacked. Malvertising Hits Online Dating Site PlentyOfFish



from Malwarebytes Unpacked

We detected a malvertising attack on popular dating site PlentyOfFish (POF) which draws over 3 million daily users. The attack chain uses the Google URL shortener goo.gl as intermediary to load the Nuclear exploit kit. While we see this mechanism quite frequently within our telemetry, it is particularly difficult to reproduce it in a lab environment. www.pof.com […]

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Indiana man pleads guilty in cybercriminal marketplace case



from Security News - Software vulnerabilities, data leaks, malware, viruses

An Indianapolis man is the latest to plead guilty to participating in a cybercriminal marketplace where hackers schemed to cripple or steal information from computers and cellphones.

Feedly:We Live Security » Languages » English. Parents ‘worry’ about the online safety of their children



from We Live Security » Languages » English

The internet is arguably the new frontier for communication, collaboration and business but, with criminals also using it for ill-gotten gains, it does have its bad parts too. And this is making life difficult for parents struggling to keep up with their child’s technology obsession. In bygone eras, parents’ concerns over their children were relatively

The post Parents ‘worry’ about the online safety of their children appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Web.com experiences data breach



from We Live Security » Languages » English

Web.com reveals that it was the victim of a data breach this month, which affected up to 93,000 of its customers.

The post Web.com experiences data breach appeared first on We Live Security.

Feedly:Securelist - Information about Viruses, Hackers and Spam. New activity of The Blue Termite APT



from Securelist - Information about Viruses, Hackers and Spam

The main focus of Blue Termite is to attack Japanese organizations; and most of their C2s are located in Japan. The attack is still active and the number of victims has been increasing.

Feedly:Securelist - Information about Viruses, Hackers and Spam. You’re Paying for Your Starbucks, One Way or the Other



from Securelist - Information about Viruses, Hackers and Spam

Today, I received this message from a friend living in Mexico via Whatsapp.

Wednesday, August 19, 2015

Feedly:Fortinet Blog. Fast and Secure: MSSPs Highlighted In Sydney and Melbourne



from Fortinet Blog

[Editor's Note: The following is a recap of the recent ANZ Fast And Secure Event provided by Tracey Roberts, Fortinet Marketing Manager for ANZ] More than 120 Partners, Distributors and Fortinet Staff came together last week in Sydney and Melbou...

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Thursday, August 20th 2015 http://ift.tt/1TXnz5C, (Thu, Aug 20th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:SANS Internet Storm Center, InfoCON: green. Actor using Angler exploit kit switched to Neutrino, (Thu, Aug 20th)



from SANS Internet Storm Center, InfoCON: green

Introduction

I've often had a hard time finding compromised we ...(more)...

Feedly:Errata Security. Trump is right about the 14th Amendment



from Errata Security

Feedly:We Live Security » Languages » English. Back to university: cybersecurity now a major concern in higher education



from We Live Security » Languages » English

Cybersecurity in higher education was top of mind and top of the agenda at the latest Campus Technology conference, in Boston.

The post Back to university: cybersecurity now a major concern in higher education appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. Inside Neutrino botnet builder



from Malwarebytes Unpacked

It is common practice among cybercriminals to sell their products in the form of packages, consisting of: a malicious payload – a front-end of the malware that is used for infecting users a C&C panel – a backend of the malware, usually designed as a web-application, often dedicated to LAMP environment a builder – an […]

Feedly:Malwarebytes Unpacked. Scam Banking on Roller Coaster Disaster Seen in the Wild



from Malwarebytes Unpacked

Theme park disasters are not uncommon themes when it comes to juicy clickbaits. Real or not, it's always best to verify the truthfulness of any news headline we see on social media.

Feedly:Threat Research. Another Popular Android Application, Another Leak



from Threat Research

Feedly:Malwarebytes Unpacked. Time’s Up! – Ashley Madison Data Released



from Malwarebytes Unpacked

Impact Team, the group behind the Ashley Madison hack, recently released over 32GB of data about the company behind the "online cheating site" and their customer base.

Feedly:. New Internet Explorer zero-day exploited in Hong Kong attacks



from

Bug patched by Microsoft yesterday (CVE-2015-2502) has already been exploited in watering hole attacks to deliver Korplug malware.

Feedly:SANS Internet Storm Center, InfoCON: green. Outsourcing critical infrastructure (such as DNS), (Wed, Aug 19th)



from SANS Internet Storm Center, InfoCON: green

Migrating everything to cloud or various online services is becoming increasingly popular in last ...(more)...

Feedly:Securelist - Information about Viruses, Hackers and Spam. Indicators of compromise as a way to reduce risk



from Securelist - Information about Viruses, Hackers and Spam

“Indicators of compromise” help to use threat data effectively: identify malware and quickly respond to incidents. These indicators are very often included in threat reports. How should information system administrators use this data in practice?

Feedly:We Live Security » Languages » English. Impact Team releases stolen Ashley Madison data online



from We Live Security » Languages » English

The Impact Team have released stolen Ashley Madison data on the dark web, which includes personal information belonging to 37 million users of the website.

The post Impact Team releases stolen Ashley Madison data online appeared first on We Live Security.

Feedly:We Live Security » Languages » English. MumsNet hit by hack, DDoS attack and SWAT



from We Live Security » Languages » English

Mumsnet, the phenomenally popular British parenting website, has suffered an attack from hackers which has seen users' accounts breached, and passwords stolen. And the damage doesn't end there...

The post MumsNet hit by hack, DDoS attack and SWAT appeared first on We Live Security.

Feedly:Malwarebytes Unpacked. WOC STEM CON



from Malwarebytes Unpacked

Conferences revolving around women in STEM are rare today. So imagine our surprise when we found one event that continues to thrive for more than 15 years.

Feedly:We Live Security » Languages » English. Car security vulnerability study finally sees light of day



from We Live Security » Languages » English

A major security vulnerability study into modern cars has finally been released, two years after it was originally intended to be published.

The post Car security vulnerability study finally sees light of day appeared first on We Live Security.

Feedly:We Live Security » Languages » English. Back to school: 5 challenges that parents and teachers face in IT security



from We Live Security » Languages » English

With children gradually going back to school in Latin American regions, it’s time to remind our children of the importance of IT security.

The post Back to school: 5 challenges that parents and teachers face in IT security appeared first on We Live Security.

Tuesday, August 18, 2015

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Hackers post data from affair dating site: report



from Security News - Software vulnerabilities, data leaks, malware, viruses

Hackers have released stolen information from some 32 million users of the affair website Ashley Madison, tech magazine Wired reported.

Feedly:Errata Security. Notes on the Ashley-Madison dump



from Errata Security

Feedly:TrendLabs Security Intelligence Blog. Microsoft Issues Out-of-band Patch For Internet Explorer



from TrendLabs Security Intelligence Blog

Microsoft has released MS15-093, an out-of-band update for all supported versions of Windows. This bulletin fixes a vulnerability in Internet Explorer (designated as CVE-2015-2502) that allowed an attacker to run arbitrary code on a user’s system if they visited a malicious site. A compromised site, spear phishing, and/or malicious ads could all be used to deliver exploits […]

Feedly:SANS Internet Storm Center, InfoCON: green. ISC StormCast for Wednesday, August 19th 2015 http://ift.tt/1K4UyEh, (Wed, Aug 19th)



from SANS Internet Storm Center, InfoCON: green

...(more)...

Feedly:. Remote code execution vulnerability in Internet Explorer patched



from

Symantec advises users to use Windows Update or the Microsoft Download Center to protect against CVE-2015-2502.

Feedly:Fortinet Blog. Adobe Gets Its Patch On



from Fortinet Blog

Researchers at FortiGuard Labs recently discovered another heap overflow vulnerability in the Adobe Flash Player. The vulnerability, CVE-2015-5129, is similar to a larger group of security issues found in Flash Player, all of which cou...

Feedly:SANS Internet Storm Center, InfoCON: green. Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE, (Tue, Aug 18th)



from SANS Internet Storm Center, InfoCON: green

Security Update for Internet Explorer (3088903)

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Target reaches deal to settle breach claims with Visa



from Security News - Software vulnerabilities, data leaks, malware, viruses

Target says it's reached a settlement with Visa related to its massive 2013 data breach that resulted in the theft of millions of debit and credit card numbers.

Feedly:Threats RSS Feed - Symantec Corp.. Trojan.Cryptolocker.Z



from Threats RSS Feed - Symantec Corp.

Risk Level: Very Low. Type: Trojan.

Feedly:TrendLabs Security Intelligence Blog. Pawn Storm’s Domestic Spying Campaign Revealed; Ukraine and US Top Global Targets



from TrendLabs Security Intelligence Blog

Why would Pawn Storm, the long-running cyber-espionage campaign, set its sights on a Russian punk rock group? Sure, Pussy Riot is controversial. Members of the feminist band had previously been thrown in jail for their subversive statements against the Orthodox Church and Russian patriarchal system. But why would attackers have any interest in them? What […]

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Man to plead guilty to role in cybercriminal marketplace



from Security News - Software vulnerabilities, data leaks, malware, viruses

A Florida man is scheduled to plead guilty to his role in a cybercriminal marketplace where hackers bought and sold stolen databases, malicious software and other products that could cripple or steal information from computers and cellphones.

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. BitTorrent vulnerability to DRDoS attacks uncovered



from Security News - Software vulnerabilities, data leaks, malware, viruses

A quartet of researchers, two with City University of London and one each with PLUMgrid Inc. and THM Friedberg, has released a paper first shown at the recent USENIX Woot '15, detailing what they claim is a major vulnerability of the BitTorrent protocol. The problem is that it opens up BitTorrent hosts to distributed reflective denial of service (DRDoS) attacks—by as few as one single perpetrator. Such attacks are becoming a bigger problem as BitTorrent communities have grown in size over the past several years—they now number in the millions.

Feedly:F-Secure Antivirus Research Weblog. Soon…



from F-Secure Antivirus Research Weblog

Our "construction project" is progressing nicely.

A work in progress

And it should resolve this…

Mobile usability issues

Fix mobile usability issues?

Translation: your site doesn't help us sell more Android phones and ads.

But whatever, the "issues" should be fixed soon enough.

On 18/08/15 At 12:52 PM