Bots – The internet weapons, Their Types and How to Protect Yourself
In today’s world I don’t believe that there would be anyone who is not aware of the internet; maybe some extreme out-of-the-world tribes like the Pygmy might not be aware of it. We surf the internet almost daily, maybe to carry out some important work or sometimes just to relax […] more…

ZBOT Adds Clickbot Routine To Arsenal
The ZeuS/ZBOT malware family is probably one of the most well-known malware families today. It is normally known for stealing credentials associated with online banking accounts. However, ZBOT is no one-trick pony. Some ZBOT variants perform other routines like downloading or dropping other threats like ransomware. We recently came across one variant detected as TROJ_ZCLICK.A, […] more…

Grand Theft Auto V PC Beta Test Lures Victims
Rockstar Games’ latest offering for the videogame industry, open-world crime simulator Grand Theft Auto V, came out several months ago for consoles to fanfare and anticipation. Unsurprisingly, people have been waiting for the PC version, despite Rockstar Games being very mum about its release date (or even its existence). This uncertainty did not stop cybercriminals from […] more…

Facebook cuts its vestigial e-mail addresses
Facebook has retired its @facebook.com e-mail addresses as of Monday, according to Recode. The reason for killing the feature is, unsurprisingly, very few people were using it. Facebook introduced the e-mail addresses in November 2010 as a way to deliver messages to users’ inboxes without needing to use Facebook to originate the message. At the […] more…

2004-01-30: Weblog for Mydoom Incident Started
Monday, the 26th of January, 2004: Mydoom started spreading. Today it's been exactly 10 years since the massive Mydoom email worm outbreak. http://t.co/SLskpyrgnw pic.twitter.com/Ip03yD2gRb — Mikko Hypponen (@mikko) January 26, 2014 And on Friday, the 30th of January, 2004: the universe’s first antivirus blog was born! Then Sunday… Continuing to this very day! Thank you, […] more…

From Latin America with love, Jumcar strikes again
A new sample was submitted to the Virus Total system on January 18th which was quickly spotted by my colleague Dmitry Bestuzhev. Interestingly enough, it seems that a new variant of the Jumcar malware family has appeared and a lot of changes have been made to the original source code. As this is Latin American […] more…

City of Franca Website Compromised
While analyzing the URLs of malicious redirectors our product had detected, a Flash object hosted on .gov.br domain caught my eye. Since my Portuguese is a little rusty, I turned to a colleague in our office in Brazil, and she confirmed that the domain belongs to the city of Franca in São Paulo, Brazil. One […] more…

Stealing Credit Cards – A WordPress and vBulletin Hack
What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there – vBulletin and WordPress. Here is a real case that we just worked on this week, involving an attacker dead set on stealing credit card information. Enjoy! The Environment The client runs […] more…

The Story of Clip:rect – A Black Hat SEO Trick
We regularly write about Black Hat SEO hacks here. Such hacks help hackers monetize their access to compromised sites by incorporating them into massive schemes that try to manipulate search engine results for queries that potential clients may be interested in. Think of gray areas like: payday loans, pharmaceuticals, counterfeit drugs and luxury goods. As […] more…

Sucuri Affiliate Updates
We have been running a quite successful (but stealthy) affiliate program for a few years, paying our partners very well. Our goal has always been to allow our clients that already love what we do, to make some money when they also send their friends or customers to us. However, as our affiliates know, the […] more…

Targeted exploit
In September Microsoft published information about a new Internet Explorer vulnerability – CVE-2013-3893. The vulnerability affects IE versions 6 through 11 for platforms from Windows XP through Windows 8.1. Later in September, the company released a patch closing the vulnerability. Cybercriminals are happy to exploit such vulnerabilities because they are easy to monetize – the […] more…

ARP Spoofing And Lateral Movement
In targeted attacks, during the lateral movement stage attackers try to gain access to other computers on the same local area network (LAN). One useful tool to achieve this is ARP spoofing, which can be used to carry out a variety of attacks to steal information as well as plant backdoors on other machines. We […] more…

New IE Zero Day is Actively Exploited In Targeted Attacks
Right after a week from September Patch Tuesday, Microsoft had to rush a “Fix It” workaround tool to address a new zero-day Internet Explorer vulnerability (CVE-2013-3893), which is reportedly being actively exploited in certain targeted attacks. As Microsoft advised, the said exploit is targeting a Use After Free Vulnerability in IE’s HTML rendering engine (mshtml.dll). […] more…

Investigating the Security of the Firefox OS
Firefox OS is Mozilla’s foray into the mobile operating system field and promises a more adaptive mobile OS. But as mobile threats, in particular in the Android platform, have gained momentum, the question in everyone’s mind is – how safe is it? About a month ago, Telefonica announced that it had launched the Firefox OS […] more…

BYOD: Balancing Convenience and Security
It lies next to you as you sleep, comes with you to work, rides home with you in your car and even travels with you on vacation. Your smartphone goes with you everywhere. Although convenient, the unprecedented connectivity we are experiencing culturally with mobile devices can create an equally daunting issue when it comes to […] more…

Andromeda Botnet Gets an Update
The Andromeda botnet is still active in the wild and not yet dead. In fact, it’s about to undergo a major update real soon. This botnet was first reported back in 2011 but has recently risen to prominence due to the latest modifications in the threat. Initially, this project to update Andromeda was about to […] more…

More information
- Someone else may have your videos, Google tells users
- US tightens rules on drone use in policy update
- Amid breach fallout, Global Payments struggles with public message
- Despacito YouTube video hack – teenagers charged
- MySQL vulnerability allows attackers to bypass password verification
- Microsoft Windows Task Scheduler CVE-2015-0098 Remote Privilege Escalation Vulnerability
- Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
- Microsoft’s enterprise-grade security is coming to Windows 10 IoT
- NFC Payment Test at Olympics Will Inspire Mobile Attackers to Go for the Gold
- Open Backdoors and Voice Assistant Attacks: Key Takeaways from the 2019 Mobile Threat Report