When Adware Goes Bad: The Installbrain and Sefnit Connection
Figure 1. Motto taken from the InstallBrain website (http://www.installbrain.com) on July 3, 2014
“Monetize On Non-buyers” is the bold motto of InstallBrain—adware that turns out to have been developed by an Israeli company called iBario Ltd. This motto clearly summarizes the potential risks adware companies can introduce to users, especially when they install stuff on […]
DOWNAD Tops Malware Spam Source in Q2 2014
DOWNAD, also known as Conficker, remains one of the top 3 malware that affect enterprises and small and medium businesses. This is attributed to the fact that a number of companies are still using Windows XP, susceptible to this threat. It can infect an entire network via a malicious URL, spam email, and […]
Cross-Platform Mobile Threats: A Multi-Pronged Attack
Cross-platform threats can be dangerous, both at home and in the office. These can ‘jump’ from one platform to another, or target all of them at the same time – potentially infecting a user’s entire network, or even a company’s network if left unchecked. The risk to critical data and system functionality, not to mention overall […]
Play Store Update Changes Permissions, And Not For The Better
One of the reasons that mobile OSes such as iOS and Android are more secure than their desktop counterparts is that they include very robust controls over app permissions. Each app requests from the user and operating system permissions that, in theory, are limited to what they need. As applied, they have not always worked. […]
CloudFlare acquires enterprise VPN provider CryptoSeal
CloudFlare has acquired CryptoSeal, a provider of VPN (virtual-private-network) services for businesses, in a deal it says will extend its security services to Web users. Terms of the deal were not disclosed. CloudFlare began to shut down CryptoSeal’s service last week after the acquisition was finalized, and the service will be fully retired by June […]
Tor Is For Everyone: Why You Should Use Tor
EFF recently kicked off its second Tor Challenge, an initiative to strengthen the Tor network for online anonymity and improve one of the best free privacy tools in existence. The campaign—which launched with partners at the Freedom of the Press Foundation, the Tor Project, and the Free Software Foundation—is already off to a great start. […]
Taiwan Hit With Micropayment Fraud via Android Malware
In our 1Q Threat roundup report, we noted that the number of mobile malware and high-risk applications reached the two-million mark and is rapidly growing. In our monitoring of the mobile threat landscape, we have recently discovered an Android malware that is spreading fast in Taiwan, detected as ANDROIDOS_RUSMS.A. Mobile users fall victim via SMS spam attack. Users receive […]
Finding evil in Flash files
Adobe Flash is present on nearly every PC, thus, malware authors have been increasingly targeting it over the last years, following the principle of return on investment, i.e. they will focus on popular technologies to exploit as that will eventually mean a larger base of compromised machines. The rich ActionScript features that are available in […]
Hacking Apple ID?
The many announcements at Apple’s 2014 Worldwide Developers Conference (WWDC) this week were welcome news to the throngs of Apple developers and enthusiasts. It was also welcome news for another group of people with less than clean motives: cybercriminals. Last week we got a concrete example of how some cybercriminals are now actively targeting Apple ID accounts. A thread […]
Gameover: ZeuS with P2P Functionality Disrupted
Earlier this week, the Federal Bureau of Investigation announced that an international effort had disrupted the activities of the peer-to-peer (P2P) variant of ZeuS/ZBOT known as “Gameover.” Trend Micro was one of the parties that was involved in this effort to disrupt the activities of this well-known online banking Trojan. Gameover is well-known for its resilience to […]
Banking Trojan Trend Hits Japan Hard
In its recent report, the National Police Agency mentioned that the current estimated total cost of unauthorized transactions suffered by Japanese users reached 1.417 billion yen during the period of January-May 2014. In comparison, the estimated total damage cost from these kinds of threats was 1.406 billion yen in 2013. Data released by the Japanese Bankers Association also gives […]
Scrape FAST, Find’em Cards EASY!
While researching POS RAM scraper malware, I came across an interesting sample: a RAR archive that contained a development version of a POS RAM Scraper malware and a cracked copy of Ground Labs’ Card Recon software. Card Recon is a commercial Data Leakage Prevention (DLP) product used by merchants for PCI compliance. (The contents of […]
The Blackshades RAT – Entry-Level Cybercrime
Earlier this week the US government announced the arrest of more than 100 individuals linked to the Blackshades remote access Trojan (RAT). While most of those arrested were merely users of this RAT, the arrests included its co-creator, a 24-year-old Swede named Alex Yücel. Also arrested was a 23-year-old American named Brendan Johnston, who was involved in […]
eBay Latest Victim of Massive Data Breach
When we said as part of our 2014 predictions that there would be one major data breach per month, we actually hoped we’d be wrong. Unfortunately, so far, we’ve been proven right: the latest victim of a massive data breach is the well-known auction site eBay. To recap, earlier this week eBay disclosed in a […]
Cisco chief writes to Obama to decry NSA activities
Cisco chief executive John Chambers has complained to US President Barack Obama about the National Security Agency’s spying practices, saying they were harming overseas business for US tech firms. “This issue affects an entire industry,” the head of the telecom equipment maker said in a letter dated Friday obtained by AFP. […]
Citrix Apps Used as Lure in Targeted Attack Against Global Airline
The effectiveness of a social engineering lure depends on relevance, and while in past attacks this could mean state-related issues, in some cases, it can be as specific as a particular service. We recently dealt with a targeted attack aimed at a major global airline that used certain Citrix products and services as its social engineering lure. The use […]
More information
- Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion
- Spyware Found in Google Play Apps With Over 420 Million Downloads
- New Types of Reflection DDoS Attacks Spotted
- Microsoft debuts personalized patch dashboard for IT pros
- Google joins Mozilla, Microsoft in pushing for early SHA-1 crypto cutoff
- AI & Your Family: The Wows and Potential Risks
- FTC gets $163 million ruling against scareware defendant
- Online ticketing company “See” pwned for 2.5 years by attackers
- OpenAFS CVE-2019-18601 Denial of Service Vulnerability
- The CEO of Snapchat met with Saudi Arabia’s Prince Alwaleed amid funding rumors