Microsoft released a patch last week for a critical vulnerability allowing remote code execution in Internet Explorer. This vulnerability is significant because it exploits an old bug present in Internet Explorer versions 3 through 11.
APT actors trying to use big events as a lure to compromise their targets is nothing new. Tibetan NGOs being targeted by APT actors is also nothing new. Thus, surrounding the upcoming G20 2014 summit that is held in Brisbane, Australia, we were expecting to see G20 themed threats targeted at Tibetan NGOs. A Win32/Farfli (alias Gh0st RAT) sample ultimately confirmed our suspicions.
For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.
Win32/Aibatook targets Japanese bank customers with an unusual Internet Explorer monitoring technique. We believe the malware has been in development for months – and is now ready for take-off.
The year 2013 was notable for the appearance of 0-day vulnerabilities that were primarily used in targeted attacks. In this case, criminal hackers worked on developing exploits, only not for random propagation of malicious code, but rather for use in attacks on specific users.
Recently, our anti-virus laboratory discovered an interesting new modification of a file virus known as Expiro which targets 64-bit files for infection. File-infecting viruses are well known and have been studied comprehensively over the years, but malicious code of this type almost invariably aimed to modify 32-bit files. One such family of file viruses, called
Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet. The accuracy of those figures may be questionable, but
ESET’s Threat Reports for September and October include some quality articles on Facebook, safety online, and backup strategy.
A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then
A new trojan has been released targeting the Macintosh Chinese-language user community. The trojan appears to the user to be a PDF containing a Chinese language article on the long-running dispute over whether Japan or China owns the Diaoyu Islands. When the user opens the “PDF” file, it attempts to mask the installation
If you don’t remember the Rumble in the Jungle, it was a boxing match between George Foreman and Muhammed Ali. Back in 1974 names like Foreman and Ali were as famous as companies like Google and Facebook are now. Google, like the older Ali, has been taking punches in the early rounds of the social
I’ve been using Google Plus almost as long as it has been around, which is a sneaky way of saying I am a noob to it :) Frankly, at this point I do not see anything particularly novel or sensational. I just haven’t seen the killer feature that will vanquish the Facebook megalith, but perhaps
This is an impressive looking certificate isn’t it? You might think it means something significant, but then you might be wrong. How hard is it to pass the Internet and Child Safety Advocate certification test? Ask Hanna, a 9 year old (10 this weekend) girl who I met with her father at a local coffee
Cameron Camp just blogged about the announcement that Google is going to delete all private profiles at the end of July. This really wouldn’t be a big issue if it wasn’t for the fact that Google is as two faced as you get on privacy and has a history of neglecting user privacy, such as
Facebook recently launched a facial recognition feature that allows you and others to “tag” photos with your name. As has been the norm for Facebook, this “feature” is turned on by default and users must take their own initiative to limit, or turn it off. The implications are wide-ranging, so if you or anyone in
Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below. A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image The “Jaa” button is actually a “Share” button and will post the