Following the recognition at Virus Bulletin 2014 of ESET’s research on Operation Windigo, I took the opportunity to ask Marc-Etienne Léveillé – who worked directly on the Operation Windigo report a few questions. Marc-Etienne is a malware researcher at ESET.
In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.
This week in security, we covered a full range of privacy and malware, with controversial plans to equip police officers with facial recognition packed Google Glass in Dubai, and the BadUSB malware finding its way on to GitHub.
Malware may begin to offer genuinely helpful functionality in the future, in order to “fly under the radar” and fake legitimacy before striking, according to Professor Giovanni Vigna from the University of California.
Since the BadUSB malware was released to the public with hopes of forcing a fix, a solution has emerged from the researchers who posted the code, but the fix is definitely not without its problems.
For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.
This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’ dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that’s evolved into a sophisticated threat with a modular architecture.
This week offered a lesson in how cybercriminals follow the news, and time their attacks to dupe the unwary – with several different attacks aimed at iPhone fans, in the week where Apple unveiled its iPhone 6.
Online criminals are spamming out messages claiming that invoices are overdue. But attached to the emails are .ARJ files containing a malicious payload – don’t allow your computer to become infected.
British internet users opening a spam email are three times more likely to be facing a malicious URL than users in the US, thanks in part to a wave of highly targeted financial malware.
This week, American chain Home Depot admitted its systems had been breached, Gmail users got a fright, and a series of videos showed leaks in Android chat apps. Meanwhile, Facebook freaked out the world…. again.
A strain of malware which previously targeted banks has turned its attention to users of the popular Customer Relationship Management (CRM) software Salesforce, used by 100,000 organizations worldwide.