Security researchers from Bitdefender have spotted a new variant of the Dorkbot worm. The malware is designed to spread from one computer to the other by abusing Facebook’s internal chat.
Once it infects a device, the malicious element is capable of monitoring the victim’s browsing activities, but it... |
14 May 2013 10:05 GMT |
 |
Have you purchased anything from Amazon UK? If so, you better be on the lookout for malware-delivering emails that purport to represent order confirmations from Amazon.co.uk.
Sophos experts say that all the links from the notification point to the legitimate Amazon.co.uk website. However, the file that’s attac... |
14 May 2013 09:00 GMT |
 |
Microsoft is set to release this month’s Patch Tuesday updates later today, but a new version of the Malicious Software Removal Tool is already up for grabs.
While no details are available right now since Microsoft is yet to publicly announce this new build, Malicious Software Removal Tool 4.20 most likely pac... |
14 May 2013 04:54 GMT |
 |
Security experts continue to analyze pieces of malware from the Winnti family, which are mainly used by a Chinese cybercriminal group to target South East Asian organizations from the video gaming sector. Trend Micro researchers have uncovered a new backdoor that’s possibly used in targeted attacks.
The threa... |
10 May 2013 04:10 GMT |
 |
There has been a lot of talk lately about the efficiency of antiviruses as endpoint protection. A recent Dark Reading article once again puts antiviruses under the microscope, comparing them to Google’s new reputation system.
In response to the article, Raimund Genes, CTO of Trend Micro, has published a short ... |
8 May 2013 15:31 GMT |
 |
Experts have found that malware authors are turning more and more to AutoIt, a free BASIC-like scripting language, to develop their creations.
AutoIt is easy to learn, it’s scalable, and it can be used to run applications in stand-alone executable files. This makes it perfect for cybercriminals that don’... |
7 May 2013 16:01 GMT |
 |
Several scam advisory websites and security firms are warning users about malware-carrying emails that purport to come from Citibank Paymentech. The emails, entitled “Merchant Statement,” read something like this: “Attached is your Citibank Paymentech electronic Merchant Billing Statement. If you ... |
7 May 2013 15:01 GMT |
 |
Ransomware helps cybercriminals make millions of dollars each year. While the crooks can earn a lot of money from regular Internet users, companies can also be a lucrative target. A perfect example is a recent attack against FOX21, the reality television production arm of 20th Century Fox. Details are scarce, but ... |
7 May 2013 10:44 GMT |
 |
Ubuntu Malware Removal Toolkit is a Linux distribution based on the Ubuntu distribution that can help Windows users salvage their OS. According to developers, the purpose of Ubuntu Malware Removal Toolkit distribution is to create a portable environment that will make it easier to remove malware from infected Window... |
7 May 2013 09:53 GMT |
 |
Cybercriminals have compromised at least 10 websites, including 5 belonging to US media organizations. The hijacked sites are utilized to distribute the ZeroAccess Trojan and Fake AV malware.
The media sites impacted by this campaign are the ones of Real Clear Policy, Real Clear Science, The Christian Post, Federal ... |
7 May 2013 07:39 GMT |
 |
Cybercriminals often disguise malware as updates for Flash Player. An interesting example has been analyzed recently by security experts from Zscaler.
The attack starts with a number of websites that redirect their visitors to click-videox.com. Once victims land on this site, they’re urged – in English o... |
7 May 2013 06:54 GMT |
 |
The official website of the Board of Regents of the State of Louisiana (regents.la.gov) has been hacked and abused to distribute a variant of the notorious Sirefef malware.
Avast reports that the malware is hosted in the “wp-content” folder of the site and it’s served as an executable to anyone who... |
3 May 2013 10:36 GMT |
 |
Trusteer experts have come across an interesting variant of the Java exploit kit called “g01pack.” g01pack is different from other exploit kits because it delivers its payload via a multistage attack.
“The first stage of the attack, the exploit shellcode, executes a second stage, in which a Java cl... |
3 May 2013 03:22 GMT |
 |
Security firm Commtouch has released its Internet Threats Trend Report for the first quarter of 2013. The company reveals that, in the first three months of this year, a whopping 97.4 billion spam emails and 973 million malware emails were sent out each day. Spam levels increased by 98% and phishing by 74% compared... |
2 May 2013 18:11 GMT |
 |
Many IT security professionals are often required to analyze pieces of malware and determine the full extent of the damage they can cause to their organization’s networks, systems and data. The big question is: should they build their own analysis platform or buy a commercial solution?
To help professionals in... |
2 May 2013 15:11 GMT |
 |
Security researchers from Bitdefender Labs have uncovered some new variants of the notorious TDL malware, a threat that's designed to infect the master boot record of computers.
One difference between these and older TDL versions is the fact that the new samples use file names made up entirely of digits. Previo... |
1 May 2013 17:01 GMT |
 |
Webroot warns that it has recorded an increase in the number of Fake AV scams that leverage the name of Microsoft.
One of the attacks it has analyzed involves a fake Microsoft Security Essentials alert that pops up on a website.
As long as users ignore these alerts, they have nothing to worry about.
However... |
1 May 2013 15:01 GMT |
 |
AlienVault experts are currently analyzing an attack on the website of the US Department of Labor (dol.gov). According to the security firm, when users visit the Department of Labor website, a script is executed. This script is designed to probe the victim’s computer to see what versions of Flash, Java, ... |
1 May 2013 10:49 GMT |
 |
Cybercriminals are constantly improving the methods they utilize to hijack the online banking accounts of Internet users. Security firm Trusteer has identified a new variant of the Ramnit worm that uses a clever one-time password (OTP) scam to trick the customers of a UK bank.
According to experts, the malware stays... |
1 May 2013 08:51 GMT |
 |
Last week, the official website of the Southern Baptist Convention – the world's largest Baptist denomination – was blocked on some US military bases. Many rushed to accuse the military of discrimination, but officials say it’s not the case.
Users who attempted to access the site were warned... |
1 May 2013 04:12 GMT |
 |
In mid-April, security researchers from Zscaler reported uncovering a fake SourceForge website, sourceforgechile.net, set up by cybercriminals in an attempt to distribute a variant of the notorious ZeroAccess Trojan. Now, experts say that several new domains have been registered: - sourceforgeyemen.net; - sourceforg... |
1 May 2013 03:34 GMT |
 |
Spam messages that purport to come from the US Federal Reserve (alerts@federalreserve.gov) have been landing in inboxes over the past hours.
Entitled “Your Wire Transfer [number] canceled,” the emails read something like this:
“The Wire transfer, recently sent from your bank account , was no... |
30 April 2013 11:05 GMT |
 |
Adobe Reader vulnerabilities are often exploited by cybercriminals to drop malware onto their targets’ computers. Experts have identified a number of advanced persistent threat (APT) campaigns that rely on such security holes.
Trend Micro researchers have analyzed several APT campaigns and have found that at l... |
30 April 2013 09:35 GMT |
 |
Security researchers from Avira have identified a massive spam campaign that’s aimed at Internet users from Germany. The campaign leverages the name and reputation of Apple and German supermarket chain Plus to trick internauts into installing malware on their computers.
The spam messages appear to be invoices ... |
30 April 2013 09:14 GMT |
 |
There are multiple ways to get rid of a malware infection, but a German Ministry of Education has come up with a way that would shock many experts.
The Ministry of Education in Schwerin determined that it would cost them €130,000 ($169,000) to clean up 170 computers infected with the notorious Conficker malwar... |
30 April 2013 07:00 GMT |
 |
Security experts have identified another malicious Apache backdoor that’s used by cybercriminals to redirect traffic to their malicious websites.
According to experts from security firm Sucuri, the attackers are replacing the Apache binary (httpd) with a malicious one on cPanel-based servers. In older attacks,... |
30 April 2013 05:06 GMT |
 |
A new PayPal-themed spam campaign has been launched by the Amerika crew, a criminal group that’s believed to be responsible for many of the major spam runs designed to lure users to malware-serving websites.
According to Dynamoo’s Blog, the latest series of malicious emails are entitled “Requested ... |
30 April 2013 04:37 GMT |
 |
In most cases, malware developers and Fraud-as-a-Service (FaaS) providers advertise their products on underground markets and sell them only to people that come with recommendations. This way, the cybercriminals can make sure their operations can’t be easily disrupted.
However, RSA researchers have identified ... |
29 April 2013 07:05 GMT |
 |
Most spam campaigns leveraging the recent Boston Marathon explosions have nothing that’s out of the ordinary. However, Trend Micro experts have identified one targeted attack that’s worth mentioning.
It all starts with an email entitled “Please pray for Boston.”
The email reads something li... |
26 April 2013 18:31 GMT |
 |
Malicious e-fax messages have often been used by cybercriminals in an effort to distribute malware. The latest such campaign identified by security experts relies on fake DuoFAX emails.
Sophos informs that the notifications are designed to appear as if they’ve been sent with the DuoFAX service. The emails are ... |
26 April 2013 15:11 GMT |
 |
Brian Krebs is a highly respected member of the information security industry, but in this field, you can’t be good and not have a few enemies. Considering the large number of cybercriminal groups he has exposed, it shouldn’t surprise anyone that a lot of shady characters don’t like him.
Last month... |
26 April 2013 07:10 GMT |
 |
Back in February, security experts identified several maliciously crafted Word documents being utilized by cybercriminals to target Uyghur users who had Microsoft Office installed on their Mac computers. Now, F-Secure has identified a new document.
The previously identified documents listed “Captain” as ... |
26 April 2013 03:39 GMT |
 |
Security solutions provider FireEye has released a study called “The Advanced Cyber Attack Landscape.” The report, based on over 12 million malware communications, provides some insight into the sophisticated attacks launched by cybercriminals.
The study shows that 184 countries house command and control... |
24 April 2013 15:01 GMT |
 |
Russian authorities say they’ve prevented the theft of 1 billion rubles ($31.7 million / €24.4 million) by arresting an individual they suspect has been utilizing the Carberp malware to steal money from the customers of Russian banks.
Group-IB, which collaborated with Sberbank and the K Department of Rus... |
24 April 2013 09:59 GMT |
 |
One of the best ways for pieces of malware to avoid being detected by security solutions is to rely on legitimate applications and services to perform their malicious tasks. One perfect example is the Vernot Trojan.
Trend Micro has analyzed a new variant, BKDR_VERNOT.B, which relies on a Japanese blogging platform f... |
24 April 2013 09:23 GMT |
 |
Internet users should be on the lookout for bogus emails that appear to come from the Loss Avoidance Alert System.
Conrad Longmore reports on Dynamoo’s Blog that the emails, entitled “The Loss Avoidance Alerts that you requested are now available on the internet,” are designed to trick users into c... |
23 April 2013 16:11 GMT |
 |
Google’s malware-scanning service VirusTotal has just been improved. Starting today, besides .exe, .pdf and .apk files, information security researchers and security enthusiasts can also analyze .pcap (packet capture) files.
PCAP files are utilized for packet sniffing and analyzing data network characteristics... |
22 April 2013 09:43 GMT |
 |
An interesting variant of TorRAT, a piece of malware often used by cybercriminals to steal users’ online banking credentials, has been spotted in the wild.
According to researchers from security firm Trusteer, a spam campaign powered by TorRAT is currently targeting Dutch users.
Once it infects a computer, t... |
22 April 2013 07:19 GMT |
 |
The Android.Fakealert malware family is still making the rounds. Experts from security firm Dr. Web have found that the threat is being served via advertisements that pop up in Android applications.
It all starts with various Android apps. They display advertisements that urge users to scan their mobile devices with... |
20 April 2013 14:01 GMT |
 |
This week, Lookout has announced that a new malware family has been discovered on Android, called BadNews and present inside 32 applications available from four different developers through the Google Play Store.
The company reports that the applications have been downloaded between 2,000,000 – 9,000,000 time... |
20 April 2013 08:51 GMT |
 |
A malware analysis rolled out by AV-TEST a few days ago has revealed that Microsoft's Bing search delivers five times more malware-hosting links than Google, despite the company's efforts to improve the security of its search engine.
The Redmond-based tech giant has decided to fight back, explaining that A... |
20 April 2013 07:11 GMT |
 |
When the new pope was elected, fake CNN news emails started making the rounds, attempting to lure users to malicious websites. Later, when news broke out about the crisis in Cyprus, similar BBC emails started landing in inboxes.
Now, cybercriminals have launched a campaign around the Boston Marathon bombings.
Cybe... |
18 April 2013 17:01 GMT |
 |
Microsoft rolled out the Security Intelligence Report Volume 14 today to reveal that Windows computers in the United States are among the most vulnerable in the entire world, as local users don’t seem to care too much about anti-malware software solutions. According to data included in the report, 40 percent of ... |
18 April 2013 16:31 GMT |
 |
Security firm Kaspersky has published its spam report for March 2013. One of the malicious spam campaigns detailed in the report leverages the name of Australian telecoms company TPG Telecom in an effort to distribute a variant of the notorious ZeuS Trojan. Bearing the subject “Restoration of Mobile Phone Depo... |
18 April 2013 15:01 GMT |
 |
Microsoft used the 14th edition of its Security Intelligence Report to emphasize that Windows 8 is a very secure operating system, revealing that Windows 7 RTM has the lowest rate of anti-malware protection, thus becoming one of the most vulnerable platforms.
While it also revealed that 24 percent of PCs worldwide a... |
18 April 2013 15:01 GMT |
 |
Shortly after the world learned of the Boston Marathon bombings, cybercriminals have started leveraging the subject in an effort to lure users to malware-serving sites.
Now that most media outlets have picked up the story about the explosions at the fertilizer plant near Waco, Texas, the cybercrooks have start... |
18 April 2013 10:07 GMT |
 |
Cybercriminals often set up replicas of popular websites and use them to distribute malware. A perfect example is sourceforgechile.net, a website that replicates the popular source code repository SourceForge.
Experts from security firm Zscaler say the website was registered a week ago in the US and hosted on a serv... |
18 April 2013 05:41 GMT |
 |
Seculert researchers have come across an interesting piece of malware which they’ve dubbed the “magic malware.” Unlike other persistent threats, which receive their instructions from the command and control server via the HTTP protocol, this particular malware communicates via a custom-made protoco... |
18 April 2013 05:12 GMT |
 |
Cybercrime investigation company Group-IB has identified a new type of malware that’s specifically designed to target QUIK, a stock brokerage platform used by many financial institutions worldwide, including ones from Russia such as Sberbank, Alfa-Bank and Promsvyazbank. The company reveals that up until ... |
18 April 2013 04:45 GMT |
 |
Malicious emails purporting to come from Cover-More, an Australian travel insurance provider, are used by cybercriminals to distribute a piece of malware.
The company has published an advisory to warn users about notifications entitled “Cover-More Travel Insurance Cover (policy number: [random number]).” Appar... |
17 April 2013 18:21 GMT |
 |