Wednesday, September 30, 2015
Feedly:. WinRAR affected by new zero-day vulnerability
Feedly:TrendLabs Security Intelligence Blog. 3,000 High-Profile Japanese Sites Hit By Massive Malvertising Campaign
from TrendLabs Security Intelligence Blog
Malvertising and exploit kits work hand-in-hand – and are an amazingly effective threat that keeps victimizing users over and over again. The latest victim? Users in Japan. Since the start of September, almost half a million users have been exposed to a malvertising campaign powered by the Angler exploit kit. This particular attack was highly targeted […]
Feedly:SANS Internet Storm Center, InfoCON: green. Recent trends in Nuclear Exploit Kit activity, (Thu, Oct 1st)
Feedly:Fortinet Blog. A Quick Look at a Recent RIG Exploit Kit Sample
Feedly:The Citizen Lab. Irene Poetranto at Colombia’s Internet Governance Forum
from The Citizen Lab
Citizen Lab Communications Officer and Researcher Irene Poetranto will speak at a number of cybersecurity events in Latin America, including the second annual Colombian Internet Governance Forum.
The post Irene Poetranto at Colombia’s Internet Governance Forum appeared first on The Citizen Lab.
Feedly:. Apple’s “Gatekeeper” in Mac OS X vulnerable to simple bypass
Tomorrow at the Virus Bulletin conference in Prague, researcher Patrick Wardle is set to highlight a security weakness in Apple’s Mac OS X “Gatekeeper” technology that could allow attackers to run unverified, unsigned code.
Feedly:SANS Internet Storm Center, InfoCON: green. Mistakenly-deployed test patch leads to suspicious Windows update , (Wed, Sep 30th)
Feedly:TrendLabs Security Intelligence Blog. New “Ghost Push” Variants Sport Guard Code; Malware Creator Published Over 600 Bad Android Apps
from TrendLabs Security Intelligence Blog
By Yang Yang, Jordan Pan Halloween is still a month from now and yet Android users are already being haunted by the previously reported “Ghost Push” malware, which roots devices and makes them download unwanted ads and apps. The malware is usually packaged with apps that users may download from third-party app stores. Further investigation of GhostPush […]
Feedly:We Live Security » Languages » English. Significant WinRAR vulnerability identified
from We Live Security » Languages » English
An expert says that the popular compression tool WinRAR contains a significant vulnerability that exposes it to an attack.
The post Significant WinRAR vulnerability identified appeared first on We Live Security.
Feedly:. How Android’s evolution has impacted the mobile threat landscape
Feedly:We Live Security » Languages » English. Virtual skyscraper Cyphinx hopes to find cyber talent
from We Live Security » Languages » English
A 3D skyscraper has been developed to help the Cyber Security Challenge find the next generation of cyber talent.
The post Virtual skyscraper Cyphinx hopes to find cyber talent appeared first on We Live Security.
Feedly:We Live Security » Languages » English. UK parents ‘want minimum age for smartphone ownership’
from We Live Security » Languages » English
A survey has found that most parents in the UK are keen to see a minimum age introduced for smartphone ownership.
The post UK parents ‘want minimum age for smartphone ownership’ appeared first on We Live Security.
Tuesday, September 29, 2015
Feedly:SANS Internet Storm Center, InfoCON: green. Tricks for DLL analysis, (Tue, Sep 29th)
Feedly:Malwarebytes Unpacked. Latest WinRAR Vulnerability has Yet to be Patched
from Malwarebytes Unpacked
Warning about an unpatched vulnerability in the popular compression software WinRAR.
Tags: malicious code, Pieter Arntz, unpatched, vulnerability, winrar
Feedly:Malwarebytes Unpacked. This Instagram Account Preys on Your Trust Issues
from Malwarebytes Unpacked
We recently discovered an account that baits users with the lure of catching his/her potentially cheating partner red-handed using a “trusted” service. All he/she needs is the target’s phone number.
Tags: catch your cheating partner, instagram scam, instragram, scam
Feedly:Malwarebytes Unpacked. Skype Hacking Tool: A Sting in the Tail…
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Identifying problems with national identifiers: Supposedly encrypted numbers can be easily decrypted
from Security News - Software vulnerabilities, data leaks, malware, viruses
In a pair of experiments that raise questions about the use of national identifying numbers, Harvard researchers have shown that Resident Registration Numbers (RRN) used in South Korea can be decrypted to reveal a host of personal information.
Feedly:We Live Security » Languages » English. Viruses, bulletins, surveys, and gender: hashtag #VB2015
from We Live Security » Languages » English
Virus Bulletin 2015 in Prague could be the biggest ever, a great place to discover the latest developments in malware protection and information security, and address issues like the infosec skills gap.
The post Viruses, bulletins, surveys, and gender: hashtag #VB2015 appeared first on We Live Security.
Feedly:Virus alerts. Warning: Malicious emails claiming to be from Doctor Web
from Virus alerts
September 29, 2015
Lately, some Internet users have received email messages claiming to be from Doctor Web. The messages, which carry the header “Hello [user name], we would like to invite you to become our Tester” (“Здравствуйте, [имя пользователя], станьте нашим Тестером”), invite users to take part in testing a tool called “Dr.Web CureIt 2”. In addition, the cybercriminals prompt the user to turn off their anti-virus software because it may be incompatible with the “tool”.
One known case of this malicious mailing was registered on September 29, 2015, at 04:10 (Moscow time). The link from the message leads to a fraudulent website from which a Trojan, dubbed Trojan.PWS.Stealer.13052, gets downloaded to the victim's computer.
This malicious program is designed to steal passwords and other confidential information stored on the compromised computer. Doctor Web would like to inform users that we are not conducting any tests of “Dr.Web CureIt 2”. Moreover, we strongly advise against installing and running any applications downloaded by opening links from such email messages.
The signature of Trojan.PWS.Stealer.13052 has been added to Dr.Web virus databases, and the fraudulent website has been added to the base of non-recommended websites. Do not, under any circumstances, disable your anti-virus software.
Feedly:We Live Security » Languages » English. Vulnerable medical equipment details disclosed online
from We Live Security » Languages » English
Vulnerable hospital equipment details can be found online, two security researchers have found.
The post Vulnerable medical equipment details disclosed online appeared first on We Live Security.
Feedly:Virus alerts. Trojan sets up proxy servers on Linux computers
from Virus alerts
September 29, 2015
Linux.Ellipsis.1 is designed to set up a proxy server on the attacked machine. However, this sample is not like other malicious programs targeting Linux—its behavior was called “paranoid” by Doctor Web security researchers. It is already known that cybercriminals use such proxy servers to get anonymous access to devices hacked by another malicious program dubbed Linux.Ellipsis.2. The attack scheme looks as follows: using Linux.Ellipsis.2, cybercriminals get unauthorized access via SSH to any network device or computer and then use it to perform their malicious activities while maintaining anonymity thanks to Linux.Ellipsis.1.
Let us now have a closer look at Linux.Ellipsis.1.
Once launched on the infected machine, Linux.Ellipsis.1 removes its own working directory, clears the list of iptables rules, and attempts to “kill” processes of a number of running applications—for example, of programs used to log events and analyze traffic. After that, the Trojan replaces existing directories and system log files with folders under the same names—this makes creation of logs with identical names in future impossible.
Next, Linux.Ellipsis.1 modifies the "/etc/coyote/coyote.conf" configuration file by appending the alias passwd=cat\n string. Then it removes a number of system tools from /bin/, /sbin/, and /usr/bin/ and adds the immutable attribute to some files necessary for its operation. Moreover, the Trojan blocks subnet IP addresses specified in the configuration file or in a command received by the Trojan. Here, “blocking” means that after an appropriate iptables rule is created, a specific IP address is not allowed to send or receive packets over a specified port or protocol.
The main purpose of Linux.Ellipsis.1 is to set up a proxy server on the infected computer. For that, the Trojan monitors connections on a local address and port proxying all traffic transmitted via them.
Compared to other malicious programs, the behavior of Linux.Ellipsis.1 is rather unique—the Trojan carries a list of strings for which it searches network traffic. If any of the strings is detected, the Trojan blocks data transfer to the remote server at the corresponding IP address. Part of the list of forbidden words also changes in accordance with the contents of the incoming packet. For example, if the incoming packet contains the “User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” string, the list is appended with the “eapmygev.” and “ascuviej.” values. Moreover, the Trojan uses lists of ignored and suspicious words too.
The “paranoid” behavior of Linux.Ellipsis.1 also lies in the fact that, apart from blocking remote nodes from the list, it checks all network connections and sends the remote server the IP address to which each connection is established. If the server responds with the “kill” command, the Trojan shuts down the application that established the connection and blocks the IP address using iptables. In the home directory, Linux.Ellipsis.1 creates the "ip.filtered" file, where "ip" is replaced with a string representation of the blocked IP address. The same check is applied to processes whose names contain "sshd". IP addresses from the lists are blocked forever, while other addresses are blocked for just 2 hours—every half hour, a separate malicious process scans the contents of the home directory looking for files that were created more than two hours ago and whose names start with an IP address. These files are then deleted and the corresponding iptables rule is removed.
Right after Linux.Ellipsis.1 was detected, Doctor Web security researchers traced Linux.Ellipsis.2, which, judging by some of its features, is a creation of the same virus writer and is designed to brute-force passwords. Like Linux.Ellipsis.1, this Trojan clears the list of iptables rules, removes applications that are “in its way”, creates folders to prevent the system from logging events, and requests tasks from the server whose address it receives as an argument on startup. Linux.Ellipsis.2 calculates the total number of scanning threads and SSH connections on the basis of the infected computer's processor frequency.
A task obtained from the server contains an IP address of a subnet that the malicious program scans for devices with open SSH connections on port 22. If such devices are detected, the Trojan tries to connect to them by going through all login:password pairs from a special list. If such an attempt is successful, the Trojan sends an appropriate message to the server controlled by cybercriminals.
Signatures of all the programs mentioned in this article have been added to Dr.Web virus database. Therefore, these Trojans pose no threat to Dr.Web users.
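A host-side check for the traits the alert attributes to Linux.Ellipsis.1 (log files swapped for directories of the same name, the passwd alias appended to /etc/coyote/coyote.conf, and the "<ip>.filtered" marker files with their two-hour window), written here as an added example and not Doctor Web's code. The list of log paths to inspect, the marker-name pattern and the temporary sample tree are assumptions; the alert names none of them.

```python
"""Host checks for the Linux.Ellipsis.1 traits described in the alert above.

Added example, not Doctor Web's code.  It looks for three things the alert
attributes to the Trojan: system log files replaced by directories of the
same name, the 'alias passwd=cat' line in /etc/coyote/coyote.conf, and
'<ip>.filtered' marker files in a home directory (flagging those older than
the two-hour window the alert describes).  The log paths below are an
assumption; the alert does not list which files the Trojan replaces.
"""
from __future__ import annotations

import ipaddress
import os
import re
import tempfile
import time
from pathlib import Path

# Assumed set of log files worth checking for the file-to-directory swap.
DEFAULT_LOG_PATHS = ("var/log/messages", "var/log/secure",
                     "var/log/auth.log", "var/log/wtmp")
TWO_HOURS = 2 * 3600
# Assumed marker-name pattern: something address-like followed by ".filtered".
MARKER = re.compile(r"^(?P<ip>[0-9A-Fa-f:.]+)\.filtered$")


def logs_replaced_by_dirs(root: Path, log_paths=DEFAULT_LOG_PATHS) -> list[str]:
    """Return log paths that exist as directories rather than regular files."""
    return [rel for rel in log_paths if (root / rel).is_dir()]


def coyote_alias_present(root: Path) -> bool:
    """True if /etc/coyote/coyote.conf (relative to root) carries 'alias passwd=cat'."""
    conf = root / "etc/coyote/coyote.conf"
    if not conf.is_file():
        return False
    lines = conf.read_text(errors="replace").splitlines()
    return any(line.strip() == "alias passwd=cat" for line in lines)


def filtered_ip_files(home: Path, now: float | None = None) -> list[tuple[str, bool]]:
    """List (ip, expired) for '<ip>.filtered' files; expired means older than two hours."""
    now = time.time() if now is None else now
    found = []
    for entry in home.iterdir():
        m = MARKER.match(entry.name)
        if not m or not entry.is_file():
            continue
        try:
            ip = str(ipaddress.ip_address(m.group("ip")))
        except ValueError:
            continue  # name does not parse as an address; not a marker file
        found.append((ip, now - entry.stat().st_mtime > TWO_HOURS))
    return sorted(found)


def scan(root: Path, home: Path, now: float | None = None) -> dict:
    """Run all three checks and say whether any trait was observed."""
    report = {
        "log_dirs": logs_replaced_by_dirs(root),
        "coyote_alias": coyote_alias_present(root),
        "filtered": filtered_ip_files(home, now),
    }
    report["suspicious"] = bool(report["log_dirs"] or report["coyote_alias"]
                                or report["filtered"])
    return report


def build_sample_fs() -> tuple[Path, Path]:
    """Build a constructed tree under a temp dir that exhibits all three traits."""
    base = Path(tempfile.mkdtemp(prefix="ellipsis-demo-"))
    root, home = base / "root", base / "home"
    (root / "var/log/messages").mkdir(parents=True)  # log file swapped for a directory
    (root / "var/log/secure").write_text("Sep 29 04:10:00 host sshd[1]: constructed line\n")
    (root / "etc/coyote").mkdir(parents=True)
    (root / "etc/coyote/coyote.conf").write_text("# constructed config\nalias passwd=cat\n")
    home.mkdir()
    stale = home / "203.0.113.5.filtered"  # constructed: blocked more than 2 h ago
    stale.write_text("")
    old = time.time() - 3 * 3600
    os.utime(stale, (old, old))
    (home / "198.51.100.7.filtered").write_text("")  # constructed: blocked recently
    (home / "abc.filtered").write_text("")           # matches the pattern but is no address
    (home / "notes.txt").write_text("unrelated\n")
    return root, home


if __name__ == "__main__":
    sample_root, sample_home = build_sample_fs()
    for key, value in scan(sample_root, sample_home).items():
        print(f"{key}: {value}")
```

Point `scan()` at a real root and home directory to run the same checks on a live host; the sample tree only exists to show the expected findings.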
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Musicians Armin van Buuren, Luke Bryan most dangerous online
Feedly:Malwarebytes Unpacked. Crowdfunder Indiegogo Misused by Spammers
Monday, September 28, 2015
Feedly:Malwarebytes Unpacked. Malvertising Via Google AdWords Leads to Fake BSOD
Feedly:The Citizen Lab. An Analysis of the International Code of Conduct for Information Security
from The Citizen Lab
As the United Nations General Assembly begins its milestone 70th session, international digital security is high on the agenda. One starting point for discussion is likely to be the International Code of Conduct for Information Security (the “Code”). This analysis explores how the Code has developed over time, the impetus behind the changes made, and the potential impact of the Code on international human rights law and its application. It is accompanied by an interactive comparison of the 2015 and 2011 versions of the Code.
The post An Analysis of the International Code of Conduct for Information Security appeared first on The Citizen Lab.
Feedly:Malwarebytes Unpacked. Pornhub, YouPorn Latest Victims of Adult Malvertising Campaign
from Malwarebytes Unpacked
The malvertising campaign against adult sites continues, makes more victims.
Tags: angler, exoclick, exploit kit, malvertising, pornhub, youporn
Feedly:TrendLabs Security Intelligence Blog. Moving Forward with EMV and Other Payment Technologies
from TrendLabs Security Intelligence Blog
October 1st ushers in a significant shift for merchants, banks, and consumers. It is deadline day for merchants in the United States to switch to EMV technology. EMV stands for Europay, MasterCard, and Visa, the three companies that created the EMV consortium in 1994 to develop new technologies to counteract payment card fraud. With this […]
Feedly:Malwarebytes Unpacked. Regaining control over Edge
from Malwarebytes Unpacked
With the public introduction of Windows 10 and its default browser, Edge, we have noticed that quite a few people have run into this predicament: If Edge is set to start with the same tabs that were open when it was last closed (Previous pages), and you happened to get redirected to a site that […]
Tags: AutoRecover, browlock, edge, Pieter Arntz, previous pages, Recover, startpage
Feedly:Fortinet Blog. Detour Ahead...Please Engage Brain
Feedly:We Live Security » Languages » English. Compromised Uber accounts ‘being used in China’
from We Live Security » Languages » English
It has been reported that compromised Uber accounts are being used by criminals in China.
The post Compromised Uber accounts ‘being used in China’ appeared first on We Live Security.
Feedly:SANS Internet Storm Center, InfoCON: green. "Transport of London" Malicious E-Mail, (Mon, Sep 28th)
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Researchers study users to increase cyber security
Feedly:Securelist - Information about Viruses, Hackers and Spam. Gaza cybergang, where’s your IR team?
from Securelist - Information about Viruses, Hackers and Spam
Gaza cybergang is a politically motivated Arabic cybercriminal group operating in the MENA (Middle East North Africa) region, mainly Egypt, United Arab Emirates and Yemen. The group has been operating since 2012 and became particularly active in Q2 2015.
Feedly:TrendLabs Security Intelligence Blog. Two New PoS Malware Affecting US SMBs
from TrendLabs Security Intelligence Blog
Following the seemingly quiet state of point-of-sale (PoS) malware these past few months, we are now faced with two new PoS malware named Katrina and CenterPoS now available to cybercriminals. In our 2Q Security Roundup released in August, we reported new PoS malware discoveries, namely FighterPoS in April, MalumPoS in June, and GamaPoS a month […]
Sunday, September 27, 2015
Feedly:We Live Security » Languages » English. Virus Bulletin 2015
from We Live Security » Languages » English
Some of the good things in store for those attending Virus Bulletin 2015.
The post Virus Bulletin 2015 appeared first on We Live Security.
Saturday, September 26, 2015
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Analysis: US-China agreement on cybertheft a first step
from Security News - Software vulnerabilities, data leaks, malware, viruses
China's pledge to help crack down on hackers who steal commercial secrets from the United States, even coming as it did amid a bit of arm-twisting by President Barack Obama, is a big breakthrough that could reduce U.S.-China tensions and end huge losses for American companies.
Friday, September 25, 2015
Feedly:Malwarebytes Unpacked. Fake online Avast scanner
from Malwarebytes Unpacked
Thanks to a tip from a friend, we came across a fake online scanner that abuses the good name of Avast. The idea to get you to visit this site is by waiting for someone to make a typo and end up at facebooksecuryti(dot)com. The site shows a picture of a pornographic nature just long […]
Tags: avast, avast.services, fake, online, Pieter Arntz, scanner
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. US and China agree to stop cyber-theft for profit
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Hackers have finally breached Apple's security but your iPhone's probably safe (for now)
from Security News - Software vulnerabilities, data leaks, malware, viruses
Cyber security experts recently discovered that the almost impenetrable Apple App Store had been hacked. While cyber break-ins have become routine news for many companies, Apple has long prided itself on providing technology for its phones and tablets that was incredibly secure.
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Scientists stop and search malware hidden in shortened urls on Twitter
Feedly:We Live Security » Languages » English. DHS working on ‘self-destructing’ security chip for smartphones
from We Live Security » Languages » English
A security chip that self-protects the device it is embedded in is being developed by the Department for Homeland Security.
The post DHS working on ‘self-destructing’ security chip for smartphones appeared first on We Live Security.
Feedly:We Live Security » Languages » English. Virus Bulletin small talk: Diversity in tech
from We Live Security » Languages » English
Ahead of next week's Virus Bulletin conference, ESET's Lysa Myers offers a teaser of what to expect of her "small talk" with colleague Stephen Cobb.
The post Virus Bulletin small talk: Diversity in tech appeared first on We Live Security.
Feedly:We Live Security » Languages » English. Why parents must teach their children about internet security
from We Live Security » Languages » English
Children as young as five are surfing the web on a daily basis, but are parents doing enough to educate them on the dangers of the online world? We investigate.
The post Why parents must teach their children about internet security appeared first on We Live Security.
Feedly:SANS Internet Storm Center, InfoCON: green. Mozilla Foundation Security Advisory 2015-112, (Fri, Sep 25th)
Feedly:Malwarebytes Unpacked. SSL Malvertising Campaign Targets Top Adult Sites
from Malwarebytes Unpacked
A long running malvertising campaign hits major adult sites with a carefully crafted advert.
Tags: angler, exploit, malvertising, SSL
Feedly:We Live Security » Languages » English. iOS 9 security flaw lets attackers access device through Siri
from We Live Security » Languages » English
Apple’s iOS 9 contains a security flaw that lets cybercriminals gain limited access to a device through Siri.
The post iOS 9 security flaw lets attackers access device through Siri appeared first on We Live Security.
Thursday, September 24, 2015
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Audit finds slipshod cybersecurity at HealthCare.gov
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Snowden on video at NYC forum to promote privacy treaty
from Security News - Software vulnerabilities, data leaks, malware, viruses
Domestic digital spying on ordinary citizens is an international threat that will only be slowed with measures like a proposed international treaty declaring privacy a basic human right, Edward Snowden said Thursday in a video appearance at a Manhattan forum.
Feedly:TrendLabs Security Intelligence Blog. Credit Card-Scraping Kasidet Builder Leads to Spike in Detections
from TrendLabs Security Intelligence Blog
By RonJay Caragay, Michael Marcos A commercialized builder of the Kasidet or Neutrino bot, which is infamous for its distributed denial-of-service (DDoS) capabilities, has been making the rounds recently after it was leaked in an underground forum in July (version 3.6). It included a previously unheard-of feature for the bot: “ccsearch”, or the scraping of payment card details […]
Feedly:Fortinet Blog. Closing The Gap On Mobile Security For SMBs
Feedly:TrendLabs Security Intelligence Blog. One Year After Shellshock, Are Your Servers and Devices Safer?
from TrendLabs Security Intelligence Blog
Security researchers were the first to respond during the Shellshock attacks of 2014. After news of the fatal flaw in the prevalent Bash (Bourne Again Shell)—found in most versions of the Unix and Linux operating systems as well as in Mac OS X—was released, researchers started looking into how it can be used against affected web […]
Feedly:. Kovter malware learns from Poweliks with persistent fileless registry update
Feedly:SANS Internet Storm Center, InfoCON: green. Tracking Privileged Accounts in Windows Environments, (Sun, Sep 20th)
Wednesday, September 23, 2015
Feedly:The Citizen Lab. Jason Q. Ng speaks to the China Economic Review on UC Browser vulnerabilities
from The Citizen Lab
Citizen Lab Senior Research Fellow Jason Q. Ng spoke to the China Economic Review on the findings of the UC Browser report, and the impact of security vulnerabilities on users.
The post Jason Q. Ng speaks to the China Economic Review on UC Browser vulnerabilities appeared first on The Citizen Lab.
Feedly:Malwarebytes Unpacked. Imgur Abused in DDoS Attack Against 4Chan!
from Malwarebytes Unpacked
So a few of you might have noticed that we started blocking "Imgur.com" which is a popular image sharing website. The reason we did this is because of a vulnerability within their code that allowed cyber criminals to load malicious javascript code into the browsers of site users. This in turn was used to turn each system into a DDoS weapon.
Tags: adam kujawa, block, ddos, imgur, vulnerability, web protection
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Agency: Millions more government fingerprints deemed stolen
Feedly:We Live Security » Languages » English. Criminals, Linguistics, Literacy and Attribution
from We Live Security » Languages » English
In an article I wrote recently for Infosecurity Magazine – Spelling Bee (Input from the Hive Mind – I touched on the topic of textual analysis (in a rather loose sense). This was in response to some comments implying that it’s a good indicator of scamminess when a message uses US or UK spellings inappropriate to
The post Criminals, Linguistics, Literacy and Attribution appeared first on We Live Security.
Feedly:We Live Security » Languages » English. Global information security spend grows by 5% in 2015
from We Live Security » Languages » English
Gartner reveals that spending on information security across the world will have increased by 4.7% by the end of this year.
The post Global information security spend grows by 5% in 2015 appeared first on We Live Security.
Feedly:We Live Security » Languages » English. UK businesses ‘need to protect themselves from cybercrime’
from We Live Security » Languages » English
UK businesses need to protect themselves from cybercrime, as government data reveals that up to 90 percent of major businesses in the country experienced an attack in 2014.
The post UK businesses ‘need to protect themselves from cybercrime’ appeared first on We Live Security.
Feedly:. Free Instagram followers: Compromised accounts, phishing sites and survey scams
Feedly:We Live Security » Languages » English. 7 years of Android: A painful journey to world dominance
from We Live Security » Languages » English
Exactly seven years ago to the day (September 23rd), after much speculation, Google finally lifted the lid on its secret project, one which would go onto change the mobile world.
The post 7 years of Android: A painful journey to world dominance appeared first on We Live Security.
Feedly:Malwarebytes Unpacked. Press H to Hack: Unsolicited Draft
from Malwarebytes Unpacked
We take a look at a game which lets you become a junk mail spammer.
Tags: games, gaming, junk mail, press h to hack, spam
Tuesday, September 22, 2015
Feedly:TrendLabs Security Intelligence Blog. Businesses Held for Ransom: TorrentLocker and CryptoWall Change Tactics
from TrendLabs Security Intelligence Blog
Perpetrators behind ransomware have moved away from targeting consumers and tailored their attacks to extort small and medium-sized businesses (SMBs). This business segment makes a potentially good target for ransomware since small businesses are less likely to have the sophisticated solutions that enterprises have. And at the same time, the owners often have the capacity to pay. […]
Feedly:SANS Internet Storm Center, InfoCON: green. Making our users unlearn what we taught them, (Wed, Sep 23rd)
Feedly:SANS Internet Storm Center, InfoCON: green. TLS Everywhere: Upgrade Insecurity Requests Header, (Tue, Sep 22nd)
Feedly:Malwarebytes Unpacked. A Week in Security (Sep 13 – Sep 19)
from Malwarebytes Unpacked
A compilation of notable security news and blog posts from September 13 to 19.
Tags: recap, weekly blog roundup
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Cyber security firm offers $1 million for Apple hack
Feedly:Malwarebytes Unpacked. Ghostery: A Tool that Stop Trackers
from Malwarebytes Unpacked
For those who feel that they are being watched by a “big brother”, there are several tools that will help you in stopping some of the online tracking that is going on. If you are using Firefox I would like to recommend this post about hardening Firefox. One of the options my colleague posted was […]
Tags: analytics, block, chrome, Ghostery, ghostrank, options, Pieter Arntz, privacy, tracker, tracking, widgets
Feedly:Malwarebytes Unpacked. Malvertising Attack Hits Realtor.com Visitors
from Malwarebytes Unpacked
People looking for a new house via real estate website realtor.com may have been exposed to malvertising.
Tags: angler, exploit kit, malvertising, realtor.com, SSL
Feedly:Fortinet Blog. A Visualization Is Worth A Whole Lot Of Words When It Comes To Security
Feedly:We Live Security » Languages » English. Google Drive security boost for paying customers
from We Live Security » Languages » English
Google has announced that organizations that pay for Google Drive will reap the benefits of a more secure platform.
The post Google Drive security boost for paying customers appeared first on We Live Security.
Feedly:Malwarebytes Unpacked. GTA 5 Money Generator Scams: They’re Wheelie Bad
from Malwarebytes Unpacked
We take a look at the current batch of Grand Theft Auto money generator sites.
Tags: fake, grand theft auto online, GTA, GTAV, survey
Feedly:We Live Security » Languages » English. Android trojan drops in, despite Google’s bouncer
from We Live Security » Languages » English
ESET recently discovered an interesting stealth attack on Android users, an app that is a regular game but with an interesting addition: the application was bundled with another application.
The post Android trojan drops in, despite Google’s bouncer appeared first on We Live Security.
Feedly:TrendLabs Security Intelligence Blog. Follow the Data: Dissecting Data Breaches and Debunking the Myths
from TrendLabs Security Intelligence Blog
Data breaches are daily news items. Reports of data breaches affecting governments, hospitals, universities, financial institutions, retailers, and recently an extra-marital affairs site, and so on dominate the news with increasing frequency. This is merely the tip of the data breach iceberg, with the vast majority of incidents remaining unreported and undisclosed. To better understand data […]
Feedly:Virus alerts. Dangerous adware distributes Trojans for OS X
from Virus alerts
September 22, 2015
The sample of Adware.Mac.WeDownload.1, analyzed in Doctor Web virus laboratory, is disguised as a distribution package of Adobe Flash Player containing the following digital signature: "Developer ID Application: Simon Max (GW6F4C87KX)". This downloader is distributed via an affiliate program focused on generating income from file downloads.
Once launched, Adware.Mac.WeDownload.1 prompts the user to grant it administrator privileges and sends consecutive requests to three command and control servers, whose addresses are hard coded in its body, to get data for the main application window. If none of the servers responds, the downloader terminates its work. If Adware.Mac.WeDownload.1 gets a response, it sends the command and control server a POST request containing the downloader's configuration data in JSON format (JavaScript Object Notation). As a reply, the program receives an HTML page with the contents of the main window. The downloader adds a current time mark and a digital signature, which is generated based on a special algorithm, to all future GET and POST requests.
Once an appropriate request is sent, Adware.Mac.WeDownload.1 receives a list of applications that the user will be prompted to install. The list includes not only unwanted programs but also malicious ones, including Program.Unwanted.MacKeeper, Mac.Trojan.Crossrider, Mac.Trojan.Genieo, Mac.BackDoor.OpinionSpy, various Trojans belonging to the Trojan.Conduit family, and some other dangerous applications.
The total number and types of programs depend on the victim's geolocation. If the list of applications is empty, the user is not offered anything to install beyond their original choice.
Doctor Web security researchers would like to remind users of Apple computers to be careful and to download applications only from reliable sources. The signature of Adware.Mac.WeDownload.1 has been added to Dr.Web virus database for OS X, and, therefore, this downloader poses no threat to our users.
Feedly:We Live Security » Languages » English. Update Flash now! Adobe releases patch, fixing critical security holes
from We Live Security » Languages » English
It's time to update Flash once again, and don't forget to reduce the attack surface by enabling "Click to Play"... or uninstall it altogether.
The post Update Flash now! Adobe releases patch, fixing critical security holes appeared first on We Live Security.
Monday, September 21, 2015
Feedly:TrendLabs Security Intelligence Blog. The XcodeGhost Plague – How Did It Happen?
from TrendLabs Security Intelligence Blog
The iOS app store has traditionally been viewed as a safe source of apps, thanks to Apple’s policing of its walled garden. However, that is no longer completely the case, thanks to the discovery of multiple legitimate apps in the iOS app store that contained malicious code, which was dubbed XcodeGhost. So, how did XcodeGhost […]
Feedly:TrendLabs Security Intelligence Blog. How Exploit Kit Operators are Misusing Diffie-Hellman Key Exchange
from TrendLabs Security Intelligence Blog
By Brooks Li, Stanley Liu and Allen Wu Feedback from the Trend Micro™ Smart Protection Network™ has allowed us to discover that the notorious Angler and Nuclear exploit kits have included the latest Flash vulnerability (CVE-2015-5560) in their regular update. This means that systems with Adobe Flash Player 18.0.0.209 and earlier are vulnerable; however users running the […]
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Lawyer: US needs to present better data in encryption debate
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. AI algorithm trained to predict what ISIL forces will do in different situations
Feedly:We Live Security » Languages » English. Apple removes hundreds of malicious apps after major malware attack
from We Live Security » Languages » English
Apple has removed more than 300 malicious apps after confirming the first major breach of its iOS App Store.
The post Apple removes hundreds of malicious apps after major malware attack appeared first on We Live Security.
Sunday, September 20, 2015
Feedly:SANS Internet Storm Center, InfoCON: green. Using testssl.sh, (Sun, Sep 20th)
Feedly:The Citizen Lab. Researchers Find Major Security and Privacy Issues in Smart Sheriff Parental Monitoring Application
from The Citizen Lab
The Citizen Lab at the Munk School of Global Affairs, University of Toronto is releasing a new report, “Are the Kids Alright? Digital Risks to Minors from South Korea’s Smart Sheriff Application.” The report details results of two independent audits of the privacy and security of Smart Sheriff, a parental monitoring application that has been promoted by the South Korean government.
The post Researchers Find Major Security and Privacy Issues in Smart Sheriff Parental Monitoring Application appeared first on The Citizen Lab.
Feedly:The Citizen Lab. Citizen Lab researchers find major security and privacy issues in South Korea's content-filtering app for minors (Korean-language edition of the announcement)
from The Citizen Lab
Today the Citizen Lab at the Munk School of Global Affairs, University of Toronto is releasing a new report, "Are the Kids Alright? Digital Risks to Minors from South Korea's Smart Sheriff Application." The report details the results of two independent audits of the privacy protections and security of Smart Sheriff, content-filtering software for minors that is recommended by the South Korean government.
The post Citizen Lab researchers find major security and privacy issues in South Korea's content-filtering app for minors appeared first on The Citizen Lab.
Feedly:The Citizen Lab. Are the Kids Alright? Digital Risks to Minors from South Korea’s Smart Sheriff Application
from The Citizen Lab
This report describes the results of two independent security audits of Smart Sheriff, one by researchers who collaborated at the 2015 Citizen Lab Summer Institute (held at the Munk School of Global Affairs, University of Toronto), and the other by the auditing firm Cure53. The combined audits identified twenty-six security vulnerabilities in recent versions of Smart Sheriff (versions 1.7.5 and under). These vulnerabilities could be leveraged by a malicious actor to take control of nearly all Smart Sheriff accounts and disrupt service operations.
The post Are the Kids Alright? Digital Risks to Minors from South Korea’s Smart Sheriff Application appeared first on The Citizen Lab.
Saturday, September 19, 2015
Friday, September 18, 2015
Feedly:Fortinet Blog. Windows Journal Vulnerability Disclosed Plus A Weekend Bonus
Feedly:Malwarebytes Unpacked. Unconventional Malvertising Attack Uses New Tricks
from Malwarebytes Unpacked
Cyber criminals are creative when building their ad creatives (the ad content itself), as seen in this malvertising campaign experimenting with new obfuscation tricks.
Tags: CVE-2015-5122, malvertising
Feedly:Malwarebytes Unpacked. Warning: Tax Credits Refund Phish
from Malwarebytes Unpacked
Tax credit changes are something of a big deal in the UK at the moment, with an expected impact on finances for millions of people. It's particularly cruel, then, to see scammers leap onto the bandwagon with promises of tax credit refunds.
Tags: fake, fraud, phish, phishing, scam, tax
Feedly:We Live Security » Languages » English. UK’s NCA calls for global approach to cybercrime
from We Live Security » Languages » English
An international effort between security organisations is needed to fight cybercrime, says the UK’s National Crime Agency.
The post UK’s NCA calls for global approach to cybercrime appeared first on We Live Security.
Feedly:We Live Security » Languages » English. The evolution of ransomware: From PC Cyborg to a service for sale
from We Live Security » Languages » English
A look back at how ransomware – a type of malware used mostly for hijacking user data – has evolved from the days of PC Cyborg to today's service for sale.
The post The evolution of ransomware: From PC Cyborg to a service for sale appeared first on We Live Security.
Feedly:Malwarebytes Unpacked. “Your PC Is Infected” Round-up…
from Malwarebytes Unpacked
We take a look at a collection of websites claiming your PC has been infected.
Tags: error messages, tech support
Thursday, September 17, 2015
Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. A new defense for Navy ships: Protection from cyber attacks
Feedly:Malwarebytes Unpacked. IRISSCON 2015 Presentation: “Bad Ads”
from Malwarebytes Unpacked
Malware Intelligence Analyst Chris Boyd will be giving a presentation on the subject of "Bad Ads" at this year's IRISSCON Security Conference.
Tags: advertising, adverts, conference, IRISSCON, malvertising, security