New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability
By Gabrielle Joyce Mabutas, with additional insights/analysis from Kazuki Fujisawa
A one-time password (OTP) system involves the use of a generated password that can only be used once to log in and access specific online services. Often managed by a third-party provider, this rolling password system aims to reduce unauthorized intrusions to systems via compromised […]

Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems
By RonJay Caragay, Fe Cureg, Ian Lagrazon, Erika Mendoza, and Jay Yaneza (Threats Analysts)
Adware isn’t new and they don’t spark much interest. A lot of them are overlooked and underestimated because they’re not supposed to cause harm — as its name suggests, adware is advertising-supported software. However, we have constantly observed suspicious activities caused […]

Andromeda Botnet Resurfaces
The Andromeda botnet – first spotted in late 2011 – has recently resurfaced. This threat arrives via a familiar means: spammed messages with malicious attachments or links to compromised websites hosting Blackhole Exploit Kit (BHEK) code. Here is one spam message we saw recently: (Figure 1. Sample spammed message) Andromeda itself is highly modular, and […]

More information
- Adobe Flash Player CVE-2013-0633 Buffer Overflow Vulnerability
- Silent Circle’s encrypted phone app cleared for US government use
- Microsoft releases out-of-band security update to fix IE zero-day & Defender bug
- Microsoft Office Collaborations in Canvas will be available
- Pindrop Security Raises $75 Million to Up Its Fight Against Phone Fraud
- Google yanks sketchy iMessage clone for Android from app store
- Apple Keeps Malware Info from Antivirus Firms: Researcher
- Microsoft Office CVE-2016-3283 Memory Corruption Vulnerability
- UK government urges small businesses to become more “cyber streetwise”
- T-Mobile Outage Mistaken for Massive DDoS Attack on U.S.