How to avoid Android E-Z-2 Use exploit?
This exploit has been around for over a year, but I just became aware of it. It uses a WebView vulnerability to inject JavaScript in the Android browser and potentially gain access to SD card files, contacts, the file system, camera and more.

Analysis of The Recent Zero-Day Vulnerability in IE9/IE10
Any vulnerability in Internet Explorer is a large issue, but last week’s zero-day vulnerability (designated as CVE-2014-0322) is particularly interesting. It used what we call a “hybrid exploit”, where the malicious exploit code is split across multiple components that use differing technology: in this case, the exploit code was split between JavaScript and Adobe Flash. […]

Layer 7 DDOS – Blocking HTTP Flood Attacks
There are many types of Distributed Denial of Service (DDOS) attacks that can affect and bring down a website, and they vary in complexity and size. The most well known attacks are the good old syn-flood, followed by the Layer 3/4 UDP and DNS amplification attacks. Today though, we’re going to spend a little time […]

Malware Uses ZWS Compression for Evasion Tactic
Cybercriminals can certainly be resourceful when it comes to avoiding detection. We have seen many instances wherein malware came equipped with improved evasion techniques, such as preventing execution of analysis tools, hiding from debuggers, blending in with normal network traffic, along with various JavaScript techniques. Security researchers have now come across malware that uses a […]

New iFrame Injections Leverage PNG Image Metadata
We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or it’s new. We’ll just say it’s new. We’re all familiar with the idea of iFrame Injections, right? Understanding an iFrame Injection The iFrame HTML tag is very standard today, it’s […]

Website Mesh Networks Distributing Malware
Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especially when it comes to your website. This is almost like the holy grail of website attacks, gain access and do what you want with someone else’s pride and joy. We all know that once […]

City of Franca Website Compromised
While analyzing the URLs of malicious redirectors our product had detected, a Flash object hosted on a .gov.br domain caught my eye. Since my Portuguese is a little rusty, I turned to a colleague in our office in Brazil, and she confirmed that the domain belongs to the city of Franca in São Paulo, Brazil. One […]

Malicious Yahoo Ads – Preventable With Patching, Security Solutions
Over the holidays, it was reported that malicious ads had appeared on various Yahoo sites and affected users in Europe. Two claims about this attack have been made: first, that it affected “millions” of users, and secondly, that it was used to plant Bitcoin miners on affected computers. Some of these claims may be a […]

Do Yahoo mail users in the US need to be concerned about the Yahoo malware attack?
There was a malware attack on European users of Yahoo! email in December, apparently using JavaScript as an attack vector. Was this completely limited to Europe, or should Yahoo mail users in the US also be worried?

Security issue on vBulletin’s uploader.swf
The vBulletin team recently disclosed an XSS (cross site scripting) vulnerability in the uploader.swf file that is included by default on vBulletin 4 and 5. This file comes from the YUI library that is not supported anymore, so the vBulletin team is recommending everyone to remove that file asap from their installs. This is their […]

A Year of Spam: The Notable Trends of 2013
2013 was a year of change in the spam landscape. The volume of spam increased from 2012. We witnessed the decline of a previously-successful exploit kit. The old became new again, thanks to different techniques used by spammers. While we still saw traditional types of spam, we also saw several “improvements” which allowed spammers to avoid […]

Changes to Gmail’s Image Display Defaults May Change Your Privacy
Recently Google announced that it had changed its policy dealing with images in email. In a blog post on the official Gmail blog, Google said: [You’ll] soon see all images displayed in your messages automatically across desktop, iOS and Android. Instead of serving images directly from their original external host servers, Gmail will now serve […]

Sharking: High-Rollers in the Crosshairs
We get a lot of samples here at F-Secure Labs, most of them being submitted online. But every now and then, somebody visits one of our labs and brings along their computer for forensics. Earlier this year, a guy in his early 20’s pulled up and parked his Audi R8 just outside our Helsinki HQ. […]

Sucuri is Hiring – Employment Opportunities
It’s always an exciting time when we can reach out to our community and let folks know that there are new opportunities to join our company. That is where we find ourselves today. We have reached a point where we need to reach out again and continue our growth trajectory. We are looking for a […]

Phishing Emails to Install Malicious WordPress Plugins
When all else fails, the bad guys can always rely on some basic social engineering tactics with a little hit of phishing!! Over the weekend, a few of our clients received a very suspicious email telling them to download a new version of the popular “All in One SEO Pack” plugin for WordPress. What a […]

VBS Malware Spreading in Latin America
During the past few months, we’ve been observing increases in the number of systems infected by VBS malware, specifically VBS_SOSYOS, VBS_JENXCUS and VBS_DUNIHI. Most of these systems were found in Latin America, a region targeted by the Banker/Bancos Trojan. Figure 1. VBS malware activity for the past months in Latin America region (LAR) These VBScript […]

More information
- Ready or not, unmanned drones may soon be a staple of American life
- Next-gen Apple Watch will reportedly get its first major CPU upgrade in years
- Security Sessions: Is hospital security on life support?
- What’s Ahead for ICS Cyber Security in 2017
- Microsoft patches XML flaw under attack and 15 more vulnerabilities
- MWC Preview: Tailoring Security to the Modern Connected Lifestyle
- Kenneth van Wyk: Staying out of the belly of the Internet beasts
- Bug Bounty Hunters Earned Over $4M for XSS Flaws Reported via HackerOne in 2020
- Windows 8 deemed a threat to Chinese national security
- How to use Microsoft Loop in Outlook and Teams