Operation AppleJeus: Lazarus hits cryptocurrency exchange with fake installer and macOS malware
...US. RC4 key from the older Fallchill Fallchill malware uses a RC4 algorithm with a 16-byte key to protect its communications. The key extracted from the Fallchill variant used in... more…Is WannaCry Really Ransomware?
...behind the campaign would decrypt victims’ data once they received payment. However, for a campaign with incredibly effective propagation techniques, reasonable key and data management, and a working anonymous communication... more…Clop Ransomware
...malware will make a new thread with a struct prepared with a hardcoded key block, the name of the file, and the path where the file exists. In this thread... more…The evolution of Brazilian Malware
...Introduction Brazilian malware continues to evolve day by day, making it increasingly sophisticated. If you want to know how the various malicious programs work nowadays, you can jump... more…April/2012 Malware Analysis
...When we see a compromised site distributing malware, it is often done via 4 methods: Iframe, Javascript, Spam or internal redirections. Those are not the only ways, and they... more…Game of Threats
...are our key findings: The total number of users who encountered by TV-show-related malware in 2018 is 126,340 globally, one-third less than in 2017. The number of attacks by such... more…ROCA: Which Key-Pair Attacks Are Credible?
...In the past two weeks, we have seen two big encryption issues arise: key reinstallation attacks, called KRACKs; and “Return of Coppersmith’s Attack,” called ROCA. Many CEOs, CIOs,... more…Financial Cyberthreats in 2018
...of how the financial threat landscape has evolved over the years. It covers the common phishing threats that users encounter, along with Windows-based and Android-based financial malware. The key findings... more…Zebrocy’s Multilanguage Malware Salad
...persistence technique, BlackEnergy malware continued using this code until late 2015. Then, these APTs discontinued both the Delphi-based Delphocy project and the use of this mysterious chunk of code within... more…IT threat evolution Q1 2019. Statistics
...types of malware are not exclusive to Australia, and used for attacks worldwide. Second place was taken by Turkey (0.73%), where, as in Australia, Trojan-Banker.AndroidOS.Agent.ep was most often detected. Russia... more…SynAck targeted ransomware uses the Doppelgänging technique
...Part of the procedure that implements Process Doppelgänging Binary obfuscation To complicate the malware analysts’ task, malware developers often use custom PE packers to protect the original code of the... more…IT threat evolution Q3 2018
...C2 is unavailable – for example, the infected computer is not connected to the internet, or the server is down – the malware uses a hardcoded key and ID. As... more…Analyzing a Fresh Variant of the Dorkbot Botnet
...other malicious behavior. Dorkbot relies on social networking as its infection vector. In this post, we offer our analysis of this new variant. The malware downloads the file from api[.]wipmania[.]net,... more…IT threat evolution in Q1 2016
...notifications about attempted malware infections that aim to steal money via online access to bank accounts. Crypto ransomware attacks were blocked on 345,900 computers of unique users. Kaspersky Lab’s file... more…Threats to users of adult websites in 2018
...with adult content, he compromised his device and subsequently infected the entire network with malware, leaving it vulnerable to spyware attacks. This, and other examples confirm that adult content remains... more…Kaspersky Security Bulletin 2018. Top security stories
...files. The creators of this Trojan implemented a very simplistic scheme. The malware uses the symmetric algorithm AES-256 in CFB mode with zero IV and the same 32-byte key for... more…Kam dál?
- Banking Trojan DRIDEX Uses Macros for Infection
- Resolved: Most ITS CLC services temporarily down during maintenance window 11/20/2012
- Genetic risk of Alzheimer’s has gender bias
- Facebook criticised for misuse of phone numbers provided for security
- Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
- The FDA doesn’t want your pacemaker to get hacked
- Judge allows group to oppose FTC settlement with Google
- Router Company Lazily Blocks Open Source Router Firmware, Still Pretends To Value ‘Creativity’
- Phishing Pages Hidden in "well-known" Directory
- What computer security threats can we expect to see in 2013?