Uncovering Malicious Browser Extensions in Chrome Web Store
Months ago, Google published a blog post informing users of Google Chrome that they cannot install browser extensions from third parties. The reason: security. By only permitting extensions from the official Chrome Web Store, Google claims they would be able to police these extensions in order to prevent malicious ones. Unfortunately, such tactics aren’t enough to […] more…

Malicious advertising hits Amazon, YouTube and Yahoo, Cisco says
Malicious advertisements have popped up on websites such as YouTube, Amazon and Yahoo, part of a sophisticated campaign to spread malware, Cisco said Monday. When encountered, the malicious advertisements cause a person to be redirected to a different website, which triggers a download based on whether the computer is running Windows or Apple’s OS X, […] more…

Malware Bypasses Chrome Extension Security Feature
Originally created to extend a browser’s functionality, browser extensions have become yet another tool for cybercriminals’ schemes. Earlier this year, Google addressed the issue of malicious browser extensions by enforcing a policy that only allows installations if the extensions are hosted in the Chrome Web Store. While this policy can provide more security for […] more…

Network Vulnerabilities IT Admins Can Use to Protect Their Network
Being able to adapt to change is one of the most important abilities in security today, mostly because attacks to defend against are able to do the same. The sophistication of current threats is mainly seen in their skill to adjust based on the weaknesses of the environment they are targeting. In this post, we will try to see […] more…

Quick Analysis of a DDoS Attack Using SSDP
Last week, one of our many clients came under an interesting attack. Enough that it was flagged for human intervention. The interesting aspect of the case was that it was a multi-faceted DDoS attack. The first issue we noticed was a Layer 7, HTTP Flood Attack, Distributed Denial of Service (DDoS) attack generating thousands of […] more…

PGP: Not Perfect, But Something To Build On
In the past couple of weeks, the effectiveness of PGP as a way to encrypt the emails of users has been a subject of much debate. This latest round was kicked off by Matthew Green, a professor of cryptography at Johns Hopkins University, who criticized PGP primarily for flaws in key management and for its […] more…

“Salad Words” Spam Run Exploits Unlikely Resources
We recently reported about a large spike of commercial spam that employed micro-sized salad words or random gibberish words found in the email body to bypass spam filters. The content of these messages varied from hair loss cures to car sales to retailer coupons. Most of the samples contained links to websites they themselves advertise. […] more…

New BlackPOS Malware Emerges in the Wild, Targets Retail Accounts
We recently spotted a brand new BlackPOS (point-of-sale) malware detected by Trend Micro as TSPY_MEMLOG.A. In 2012, the source code of BlackPOS was leaked, enabling other cybercriminals and attackers to enhance its code. What’s interesting about TSPY_MEMLOG.A is it disguises itself as an installed service of known AV vendor software to avoid being detected and consequently, […] more…

Mobile Security Roundup 1H 2014
The first half of this year has been quite eventful for the mobile threat landscape. Sure, we had an idea the state of affairs from 2013 would continue on to this year, but we didn’t know just to what extent. From ballooning mobile malware/high risk app numbers to vulnerabilities upon vulnerabilities, let’s recap just what […] more…

Security Advisory – Akeeba Backup for Joomla!
Advisory for: Akeeba for Joomla!
Security Risk: Low
Exploitation level: Difficult/Remote
Vulnerability: Access control bypass

If you’re a user of the very popular “Akeeba Backup for Joomla!” extension (with over 8m downloads), you need to update it right away! During a routine audit for our WAF, we found a vulnerability that could allow an attacker […] more…

Ransomware Race (Part 4): Adult Content, Browlock’s Staying Power
Lately, our eyes have been caught by the rise of Ransomware families. It is very evident that the bad guys are constantly developing this type of malware family as seen in our previous posts about CryptoWall and CTB-Locker and Synolocker. In addition to these families, we have also been observing a rather simpler type of […] more…

7 Places to Check for Signs of a Targeted Attack in Your Network
Targeted attacks are designed to circumvent existing policies and solutions within the target network, thus making their detection a big challenge. As we’ve stressed in our previous entry about common misconceptions about targeted attacks, there is no one-size-fits-all solution against them; enterprises need to arm themselves with protection that can provide sensors where needed, as well as IT […] more…

Resolved: Redhat Satellite upgrade
Red Hat resolved their network issues, and the satellite server has rebuilt its repo caches and is now available. Please report any issues you encounter to redhat@computerstore.psu.edu. more…

Gmail introduces filters for non-Latin characters, weeding out more phishing emails
Using non-Latin characters that look very similar to their ASCII counterparts helps scammers, spammers and phishing crooks send emails from legitimate-looking addresses. Now Google’s putting a stop to that with a set of new spam filters. more…

ZeuS GameOver, Brazilian Trojans and Boletos: an explosive combination
I’m sure you’ve read or heard about the malware attacking boletos – the popular Brazilian payment system – and how lots of malicious code is able to modify it, redirecting the amount paid to an account owned by criminals. Despite the fact that some numbers were overestimated by some companies and media outlets, these attacks […] more…

Diving Deep into Mayhem
Malware targeting Linux servers has been increasingly hitting the headlines over the past year. In this post we will present research on an advanced and highly versatile malware operation targeting Linux and FreeBSD servers. We have named the malware family at the heart of this operation GalacticMayhem, as a reference to some of the C&C […] more…
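The Gmail item above describes sender addresses built from non-Latin letters that look like their ASCII counterparts. The detector below is an added example written for this page; it is not code from Google or from any of the quoted posts, and it assumes nothing about how Gmail's filter actually works. Using only the Python standard library, it folds compatibility characters with NFKC, flags any address label that mixes scripts outside a few combinations that are normal in East Asian text, and maps a small hand-picked confusables table back to the ASCII address being imitated. The sample sender addresses are constructed for the demonstration and are not real.

```python
import unicodedata

# Hand-picked subset of look-alike letters for this demonstration. A real
# filter would load the full Unicode confusables data (UTS #39) instead.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",  # Cyrillic а е о р
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",  # Cyrillic с х у і
    "\u0458": "j", "\u04bb": "h",                                # Cyrillic ј һ
    "\u03bf": "o", "\u03b1": "a", "\u03bd": "v", "\u03b9": "i",  # Greek ο α ν ι
}

# Script mixtures that are normal in legitimate names (Japanese text combines
# kana with CJK ideographs; Korean mixes Hangul with CJK). Any other mixture
# inside one label is treated as suspicious.
ALLOWED_MIXES = [
    {"HIRAGANA", "KATAKANA", "CJK"},
    {"HANGUL", "CJK"},
]

# Constructed sample senders for the demonstration; none are real addresses.
SAMPLE_SENDERS = [
    "support@example.com",                                # plain ASCII
    "supp\u03bfrt@example.com",                           # Greek omicron replaces the 'o'
    "billing@ex\u0430mple.com",                           # Cyrillic 'а' inside the domain label
    "kontakt@m\u00fcnchen.example",                       # non-ASCII but Latin-only: legitimate
    "info@\u043f\u0440\u0438\u043c\u0435\u0440.example",  # all-Cyrillic label: legitimate
    "\uff41dmin@example.com",                             # fullwidth 'a' that NFKC folds to ASCII
]


def char_script(ch):
    """Approximate the Unicode script of a letter from the first word of its
    character name ('CYRILLIC SMALL LETTER A' -> 'CYRILLIC'). Non-letters such
    as digits, '.' and '-' return None so they never count as a script."""
    if not unicodedata.category(ch).startswith("L"):
        return None
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else "UNKNOWN"


def skeleton(text):
    """Replace each known confusable by the ASCII letter it imitates."""
    return "".join(CONFUSABLES.get(c, c) for c in text)


def analyze_address(addr):
    """Return the reasons an address looks spoofed; an empty list means clean."""
    reasons = []

    # 1. Compatibility characters (fullwidth letters, ligatures) that fold to
    #    ASCII under NFKC: the displayed and the folded address differ.
    folded = unicodedata.normalize("NFKC", addr)
    if folded != addr:
        reasons.append(f"compatibility forms: NFKC folds to {folded!r}")

    # 2. Mixed scripts within one label (local part or each domain label).
    local, _, domain = folded.rpartition("@")
    for label in [local] + domain.split("."):
        scripts = {s for s in map(char_script, label) if s}
        if len(scripts) > 1 and not any(scripts <= ok for ok in ALLOWED_MIXES):
            reasons.append(f"mixed scripts {sorted(scripts)} in {label!r}")

    # 3. Confusables that collapse to a pure-ASCII address: report the address
    #    the sender is imitating so a reviewer sees the intended target.
    look_alike = skeleton(folded)
    if look_alike != folded and look_alike.isascii():
        reasons.append(f"imitates ASCII address {look_alike!r}")

    return reasons


def flag_senders(addrs):
    """Map each suspicious address to its reasons; clean addresses are omitted."""
    flagged = {}
    for addr in addrs:
        reasons = analyze_address(addr)
        if reasons:
            flagged[addr] = reasons
    return flagged


if __name__ == "__main__":
    for addr, reasons in flag_senders(SAMPLE_SENDERS).items():
        print(addr)
        for reason in reasons:
            print("  -", reason)
```

Running the block flags three of the six constructed senders and leaves the Latin-only "münchen" and the single-script Cyrillic label alone, which is the distinction a filter has to get right: non-Latin characters by themselves are not the signal, mixing scripts or folding to a different ASCII string is.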