Millions of readers who visit popular news websites have been targeted by a series of malicious ads redirecting them to the Stegano exploit kit.
Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission, which was distributed on their official website.
It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.
Today, we published our research about Windows exploitation in 2014. This report contains interesting information about vulnerabilities in Microsoft Windows and Office patched over the course of the year, drive-by download attacks and mitigation techniques.
As regular readers will know, every year we publish our predictions on cybercrime attacks for the year ahead. Well, our South American research team has spent the last few weeks putting together our predictions for 2015.
Microsoft released a patch last week for a critical vulnerability allowing remote code execution in Internet Explorer. This vulnerability is significant because it exploits an old bug present in Internet Explorer versions 3 through 11.
APT actors trying to use big events as a lure to compromise their targets is nothing new. Tibetan NGOs being targeted by APT actors is also nothing new. Thus, surrounding the upcoming G20 2014 summit that is held in Brisbane, Australia, we were expecting to see G20 themed threats targeted at Tibetan NGOs. A Win32/Farfli (alias Gh0st RAT) sample ultimately confirmed our suspicions.
For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.
The gaming industry keeps growing, and the crowds at Cologne’s Gamescom 2014 show why big game titles are rapidly becoming a target for cybercrime. Our tips will help you enjoy the latest games – without hackers declaring ‘Game Over’.
Win32/Aibatook targets Japanese bank customers with an unusual Internet Explorer monitoring technique. We believe the malware has been in development for months – and is now ready for take-off.
The year 2013 was notable for the appearance of 0-day vulnerabilities that were primarily used in targeted attacks. In this case, criminal hackers worked on developing exploits, only not for random propagation of malicious code, but rather for use in attacks on specific users.
Recently, our anti-virus laboratory discovered an interesting new modification of a file virus known as Expiro which targets 64-bit files for infection. File-infecting viruses are well known and have been studied comprehensively over the years, but malicious code of this type almost invariably aimed to modify 32-bit files. One such family of file viruses, called
Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet. The accuracy of those figures may be questionable, but
ESET’s Threat Reports for September and October include some quality articles on Facebook, safety online, and backup strategy.
A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then
A new trojan has been released targeting the Macintosh Chinese-language user community. The trojan appears to the user to be a PDF containing a Chinese language article on the long-running dispute over whether Japan or China owns the Diaoyu Islands. When the user opens the “PDF” file, it attempts to mask the installation
Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions. However, we have recently been the recipient of a very dubious honor; a rogue antivirus program which masquerades as our own software. The Rogues Gallery Rogue antivirus is a loose family of programs that claim to
Insider Threat – your ATM may now be hacked from the inside. According to Wired’s Threat Level Blog… A Bank of America worker installed malicious software on his employer’s ATMs that allowed him to make thousands of dollars in fraudulent withdrawals, all without leaving a transaction record, according to federal prosecutors. According to the
Blog spambots are programs that automatically post comments to blogs. They are basically stupid programs written by people whose own mothers would rather not acknowledge their existence. At any rate, they are a hassle for bloggers who allow comments. There are a variety of techniques to automatically delete the spam posts, but they have advantages
Tragedy brings out both the best and the worst in people. In the wake of the tragedy at Virginia Tech sewer-dwelling vermin are registering and selling domain names related to Virginia Tech, but they aren’t the threats. The floaters these sewer-dwelling vermin are swimming with are the jerks trying to use social engineering to
SETI@home (http://setiathome.berkeley.edu/) and Folding@home (http://folding.stanford.edu/) are interesting, if not cool uses of technology, but they do bear a striking resemblance to a nefarious threat called a botnet. Now with Sony contemplating a commercial “PS3 Grid” (http://blogs.pcworld.com/digitalworld/archives/2007/04/sony_looking_to.html) one wonders where the lines will blur. There are similarities between botnets, SETI, and Folding@home. The term botnet is
I received a question about the validity of a warning a friend received and thought it might be useful to share some information about spotting hoaxes. The text of the email is quoted in bold red below. Key hoax indicators. “PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS:” The above sentence already puts this
The “oh so scary” iPod virus is less proficient at spreading than the news around it. George Santayana was quite a smart man. George was the guy who said “Those who cannot remember the past are condemned to repeat it” and the media has been repeating (as in retelling) history in reporting the “iPod virus”. Modern
Kurt Wismer is “a long time member of the anti-virus community”, a very knowledgeable computer scientist, and all around good guy. Bad guys don’t post things like links to movies of infrared pictures of farts now, do they? http://place-guid-here.blogspot.com/2007/01/have-you-ever-wondered.html. I posted a link to a web site, noticed that there was a typo, fixed the
Microsoft Security Advisory (935423) – Vulnerability in Windows Animated Cursor Handling. This is a very serious vulnerability that is almost certain to be exploited on a wide scale basis. If the vulnerability were limited to animated cursors alone it would not be as serious, but there are reports of jpg files, which are very commonly
I received the following on email@example.com from James G. I have been hit by the following virus: (not on this PC) vxaudio.exe Have you ever heard of this? Hi James, I am not familiar with a virus named vxaudio.exe, but that looks a whole lot like a file name. File names are almost never reliable
A friend was recently the unfortunate victim of credit card theft. I haven’t yet found a fortunate victim, but ultimately there is bound to be a criminal stupid enough to deposit money into a stolen account :) In today’s online world, unless you can determine how the credit card theft occurred you really must assume
Fatigues – $28. Army boots – $129. GPS – $249. Good directions? Priceless. It seems the Swiss accidentally invaded Liechtenstein (http://www.cbsnews.com/stories/2007/03/02/world/main2530066.shtml). Now this is funny first and foremost because nobody got hurt. There were lots of other reasons it was funny too. For example, a neutral nation invading an unarmed nation is a rather comedic situation.
From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as
In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can
How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter? The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being