Friday, July 20, 2012

Orkut phish serves up adult content warning

Here's an example of the "Content suitable for adults" verification scam seen over on Tumblr popping up in the world of Orkut. Clicking through teases the end-user with semi-naked body bits flopping about all over the screen, followed by a rather nice-looking fake login.

Security firm RSA blames nation state for attack on its servers

RSA has revealed that it believes two groups, operating on behalf of a single nation state, hacked into its servers and stole information related to the organization's SecurID two-factor authentication products. Speaking at the RSA Security Conference in London, RSA's executive chairman Art Coviello described the high-profile attack that made headlines around the world.

A Look at One Day of Malware Samples

In September we added 1.6 million malware samples to our database. With these new entries, our malware collection surpassed 70 million samples. The five million new samples in the third quarter represent approximately 55,000 samples per day, 2,300 per hour, or 38 per minute. To get a sense of these threats, I examined one day at

Anti spam service Engineer/Analyst (Dublin based, Spanish/Portuguese speaking)

Anti spam service Engineer/Analyst (Dublin based, Spanish/Portuguese speaking). Posted: 11 October 2011. Organization name: Microsoft. Location: Dublin, Ireland. Poster represents: employer. Terms of employment: Salaried employee. Hours: full time. Onsite: yes. Description: Microsoft. The Forefront for Workplace (FFO) team is looking for a Spam Analyst (Service Engineer) who will be responsible for protecting millions of our customers from

Malware Threat Researcher

Malware Threat Researcher. Posted: 11 October 2011. Organization name: Sophos. Location: Abingdon, United Kingdom. Pay rate: up to £38k + variable pay + benefits. Travel: occasionally. Poster represents: employer. Terms of employment: Salaried employee. Hours: full time. Onsite: yes. Description: In this exciting role you will work as part of the SophosLabs team, protecting businesses from

UPS phishing email wants your shipping credentials

Do you ship packages via UPS? Do you have an account to track packages and authorize shipments? If so, you have to be on the lookout for a new phishing spam making the rounds. The email comes from an account that appears to be "UPS Communication" with the subject "Important Update". The email reads: "Please

Burglar Busted by Facebook

If you're going to push through with a burglary, then you'd better make sure that there's little that can connect you with the crime in question. Leaving your cell phone behind? Yeah, that's a big no-no; leaving your cell phone that's connected to your Facebook page? Even worse. 24-year-old Oscar

Is Anti-Malware Redundant When You Have URL Filtering?

A popular misconception is that URL filtering is enough protection on the Secure Web Gateway, and that there's little need for anti-malware (anti-virus) scanning. Before we explain why you really need both WebFilter (URL filtering) and ProxyAV (anti-malware) in your Secure Web Gateway deployment, let's first explain what each and every one of these features actually does.

Latin American banks under fire from the Mexican VOlk-Botnet

Latin America has ceased to be a region that simply receives attacks from across the world. Since late 2009 it has begun to copy fraudulent business models by means of which American cybercriminals have begun making their very own criminal resources. Examples include Brazil, with the web application called TELA (to manage the information stolen from zombie computers);

Patch Tuesday October 2011

Microsoft customers have an urgent and heavy dose of patching to do today. Internet Explorer might have only one update assigned to it, but the MS11-081 cumulative update fixes eight distinct vulnerabilities. And these vulnerabilities impact all lines of Windows, including Windows 7 x64 all the way up through Windows Server 2008 x64 Service Pack

Microsoft Patch Tuesday – October 2011

Hello and welcome to this month's blog on the Microsoft patch release. This is an average month: the vendor is releasing 8 bulletins covering a total of 23 vulnerabilities. Nine of the issues are rated serious and they affect Internet Explorer, .NET, and Silverlight. The remaining issues are rated crucial and affect Windows, the

Cyanogenmod.com compromised with warlikedisobey.org injection

Cyanogenmod.com is a site offering legitimate custom firmware for Android devices. It's a popular site, pulling in about 100,000 unique US users per day according to compete.com, and it has an Alexa rank of 6728. Unfortunately, the site has been compromised in an injection attack, with a hard-to-diagnose piece of malware attempting to load code from

Spammers Pay Tribute to Icons with Atrocious Malware

Contributor: Christopher Mendes. When stalwarts pass away the world mourns their loss, tributes flow and emotions run high. Whenever we lose a legendary figure, their death brings shock or grief and people are hungry for any and every available piece of information about the "How" and the "Why" and the "When" related to the death

Google Eye Phish: Bait Me A Hook in the Morning

Well, yes, that title is quoting a song by John D. Loudermilk, written with some (perhaps accidental) prescience way back in 1962. Given the aggravation that 21st century phishing causes Google users, perhaps it's time for a brand new song dedicated to that particular pastime. In the meantime, I thought I'd mention a shoal of the wretched things

Inside Phoenix Exploit’s Kit 2.8 mini version

Phoenix Exploit's Kit is a package with more continuity in the crimeware crime scene. After all this time, version 2.8 is currently in the wild and, despite having low activity since the last half of this year, remains one of the many exploit packs with greater preference among cyber-criminals. Possibly this slack time to have

Something evil on 66.197.235.245 (Exp/20100840-B)

There is currently a poorly detected (VirusTotal reports 1/43) Java exploit being distributed by 66.197.235.245 through injection attacks. One example is injected obfuscated code pointing to tualette.ce.ms/content/field.jar but there are possibly plenty of these. Currently only Sophos detects this as Exp/20100840-B. Blocking all traffic to 66.197.235.245 is the quickest way to protect against this particular

Government uses secret order to pry open WikiLeaks email

The US government has forced Google as well as the small Internet provider Sonic.net to hand over information from email accounts belonging to WikiLeaks volunteer Jacob Appelbaum, news outlets reported on October 11. According to a story in the Wall Street Journal, the government used a controversial, secret court order to force the information handover. Google wouldn't

Study on Android Auto-SMS

This blog is written by Beannie Cai. Not long ago, Symantec Security Response posted a blog titled "Animal Rights protesters use mobile means for their message", which related to the Trojan horse Android.Dogowar that targets the Android mobile OS. This Trojan may have been developed by animal protection organizations, in order to punish the mobile users

Fake jobs: it-jobsearch.com

Another fake job domain, it-jobsearch.com follows on directly from these two reported yesterday. The domain is registered to the same fake address in France as yesterday. As usual, the email soliciting replies to this domain is attempting to recruit people for money laundering. The email may appear to come from your own email address (here's why). If

Will your next Television manual ask you to run a scan instead of adjusting the antenna?

Contributors: Shunichi Imano. October 2011 marks the eighth annual National Cyber Security Awareness Month to be held in the United States. One highly visible concern that makes this year different from previous years is the triple-digit growth rates which are being reported across the board by every antivirus vendor with regards to threats found

Sony suffers another security scare – 93,000 user accounts broken into

Hackers successfully broke into 93,000 accounts at Sony over the last few days, once again impacting users of the Sony Entertainment Network, PlayStation Network (PSN) and Sony Online Entertainment services. According to a blog article by Philip Reitinger, Sony's Chief Information Security Officer, credit card details were not compromised. As a precautionary step, Sony has

Mac Trojan Flashback.B Checks for VM

One of our analysts has found something interesting while debugging the latest version of Flashback, a Mac trojan that attempts to trick people into believing it's an Adobe Flash Player update. While comparing the differences between Flashback.A and Flashback.B, he saw this routine: Flashback.B performs a "vmcheck". If virtualization is detected, the trojan aborts itself.

Upgrade your Antivir Premium version 2010 to the Avira Antivirus Premium 2012

If you're using the Antivir Premium version 2010 you should have already received the slide-up to upgrade your product to the latest (and greatest) version 2012. When you click on that link you're redirected to this page. On the page you have the possibility to download the newest version of the

Security patch for iTunes fills a whopping 79 holes.

Apple has just released iTunes v10.5 in preparation for the impending release of their latest operating system iOS5. The patch not only includes support for iCloud and wireless syncing, but importantly contains a slew of security fixes for the Windows version of the ubiquitous media player. The patch fixes 79 vulnerabilities of which 73 are

Patch Internet Explorer Now

Yesterday was Microsoft's Patch Tuesday for the month of October. There were a total of eight new security bulletins: not that many, but enough to keep IT admins busy for a while. Although most of the vulnerabilities addressed are not imminent threats, security experts are nearly unanimous that patching Internet Explorer should be priority one. First,

Spotify Sharing Bug Fixed

Spotify has been in the spotlight for many weeks now but not for the reasons that it would have liked. The music streaming service is one of the very first to embrace the new "frictionless sharing" feature Facebook announced at F8. As it turns out, however, Spotify users aren't too keen on having their listening

“Scan from a Hewlett-Packard Officejet 745065” and 94.23.116.30

These fake "Scan from a Hewlett-Packard Officejet" emails have been around for a little while now. Here's a slightly new version: From: hp@victimdomain.com Date: 11 October 2011 23:41 Subject: Scan from a Hewlett-Packard Officejet 745065 A document was scanned and sent to you using a Hewlett-Packard HP Officejet 63639D. Sent by: SINA Images :

Mass infections from jjghui.com/urchin.js (SQL injection)

We are seeing multiple sites compromised with malware from jjghui.com/urchin.js. Most of them are IIS/ASP sites and the infection method seems to be similar to the Lizamoon mass infections from a few months ago (SQL injection). According to Google, almost 1.5k sites have been blacklisted already because of it, and there are 80k+ pages on

Celebrity email hacker suspect arrested by FBI

Nubile female film stars will be breathing a sigh of relief today at the news that the FBI has arrested a man suspected of hacking into celebrities' phones and email accounts and stealing their invariably nude photos. The FBI's investigation into the hacking incidents, dubbed "Operation Hackerazzi", has certainly been under pressure to catch those responsible

VB2011 talks, Part 1

Missed those talks at VB2011? Some notes on an initial set of talks I attended. "A look at the cybercrime ecosystem and the way it works", Dmitry Bestuzhev: On the underground market, it's possible to find lots of things such as clones of actual ID documents (shipped with your own picture) as well as

Tuesday, June 19, 2012

Craigslist Targeted: Killers Reaching Innocents

Craigslist is an online network comprising employers, business owners and service providers, advertising services and selling items. There are sections for jobs, classifieds, real estate and more. Craigslist allows users to post ads to buy and sell a number of items on the website, and users can interact and work accordingly. Craigslist is used by

Predictions Made by Supercomputer

A supercomputer named SGI Altix, also known as Nautilus, based at the University of Tennessee was fed with millions of articles dating back to the middle of the 20th century. The supercomputer provided results which were most surprising for researchers. The method was designed to analyze articles, news feeds, journals, reports and other resources of

Angry Birds: Why This Game is quite Popular?

The term Angry Birds is reminiscent of video games from the early 90s, and some people might be surprised to learn what Angry Birds is. It's basically a video game designed for mobile phones, developed by Rovio Mobile based in Finland. The game was launched in December 2009 for the iOS platform and it

Celebrity Names Used for Cyber Attacks

Cyber attacks are one of the most concerning issues online and are a great risk to privacy. They are not simply a risk to networks but are also a threat to national interest. Cyber criminals use various methods to initiate cyber attacks, including use of malicious code, breaching firewalls and hacking into accounts. However,

Embarcadero Finally Release Delphi 64-bit

Delphi is a cross-platform IDE (integrated development environment) used to create user applications which are compatible with a number of platforms such as Microsoft Windows and Apple Macintosh. Delphi was originally designed by Borland but it is now operated by Embarcadero. Features: The organization released a brand new version of Delphi XE2 and it is also

Social Networking Website Badoo Hits Hundred Million

Over the past few years, the Internet has been flooded with social networks, blogs and content management systems. Now there are several social networking sites and WordPress blogs in distinct categories such as technology, design, photography and several more. Badoo is a freshly introduced social networking website. It was started in August 2011 and amazingly there are

Needles in the Facebook Haystack

Yesterday I was looking through the mid-day logs from one of the WebPulse modules, checking out the malware it had flagged. One of these caught my eye: a single log line referring to a setup.exe file coming from a site called youtube-vid.com. The idea occurred to me that we usually only take time to research

Apple releases OS X 10.7.2 and iOS 5 with enormous security patch

Apple has released updated versions of OS X Lion (10.7.2), Snow Leopard (Security Update 2011-006), iOS (5), Numbers for iOS (1.5) and Pages for iOS (1.5) to resolve numerous security issues. Beginning with OS X 10.7.2/Security Update 2011-006 for OS X 10.6, there are 75 known vulnerabilities that are fixed with these updates. Most could

MSRT October ’11: EyeStye

This month, the Malicious Software Removal Tool (MSRT) targets two families: Win32/EyeStye and Win32/Poison. EyeStye (aka "SpyEye") is a family of trojans that steals information, targeting authentication data used for online banking such as passwords and digital certificates. The technique it employs is called "form grabbing", which involves the interception of webform data submitted to

Error 3200: Apple iOS 5 stumbles on launch

Apple has launched the much-anticipated iOS 5.0, the new version of its operating system for iPhones and iPads, complete with revolutionary new features such as the iCloud. It ought to have been a good moment for the company, and something to put some cheer back in Apple fans' hearts following the death of founder

A Refresher on Spam and Exploits

Lately, we have been seeing a renewed increase in the volume of spam attacks that use an exploit kit, specifically the BlackHole exploit kit, to trigger a malicious payload. Specifically, we have seen this in the latest slew of Automated Clearing House (ACH) spam, along with the more recent spam run related to Steve Jobs

“1.php” Group Intrusion Set Paper

ThreatLabZ has just released a report that provides a summary of incident information related to the "1.php" Group. Historically, this Group used command and control servers (C&Cs) with "/1.php?" for the check-in URL path, which is the reason for the informal name used. They have repeatedly targeted one of our customers so I

Malware Uses New DLL Loading program – MS11-071

It has been a year since we witnessed a DLL hijacking program which loads a malicious DLL that affects hundreds of programs. The approach involves dropping a collection of normal files together with the malicious DLL within a directory. We recently analyzed the following archive sample. Only the file deskpan.dll was detected as

Ongoing Phishing Attacks on Email Services.

A series of phishing attacks aimed at stealing Gmail and Yahoo user log-in information is on the rise. I think that the attacks were part of a larger campaign aimed at stealing user data and compromising computer systems. If users enter their login details on such phishing links, then the information gets transferred to the

How fast fingerprinting of OLE2 files can lead to efficient malware detection

At last week's Virus Bulletin 2011 conference Paul Baccas and Stephen Edwards from SophosLabs presented their research paper "Fast fingerprinting of OLE2 files: Heuristics for detection of exploited OLE2 files based on specification non-conformance". They may well win the prize for the longest title, but what does it mean? OLE2 is a container format synonymous with

BlackBerry outage, video apologies, a hoax and Ronnie Corbett

Millions of BlackBerry owners around the world have been feeling the pain this week as messaging and email systems collapsed in a service outage. With many turning to social networks to vent their anger, as well as newspaper cartoonists making fun of the situation, bosses at Research In Motion (RIM) have clearly been feeling the heat.

Return of the Hack, Playstation Accounts breached again

Sony has reported that it has had quite a few sign-in attempts on accounts belonging to users on its various networks. In a statement on the Sony site it was revealed that Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation Network (PSN), Sony

SIRv11: Putting Vulnerability Exploitation into Context

As Vinny Gullotto, our GM, blogged earlier in the week, the 11th edition of the Security Intelligence Report (SIRv11) has been released. One of the new areas of investigation in this release is an investigation of the most prevalent types of vulnerability exploitation and how much of that exploitation is 0-day (short for zero-day, an

RIP Dennis Ritchie, inventor of C and father of UNIX

Dennis Ritchie, the researcher and computer scientist whom Wired farewelled with the headline "The Shoulders Steve Jobs Stood On", has returned from main(). He died at his residence last weekend. Dr Ritchie can perhaps most succinctly be described as the inventor of C and the father of UNIX, work for which he and Bell Labs

Evil backdoors – Part II

Some months ago we did a write-up about backdoors, explaining how they work and how to look for them. If you didn't read it, take a read here: ASK Sucuri: What about the backdoors? However, we still see on online forums people recommending to search for "eval(base64_decode" and things like that when looking for backdoors. If

Communicative malware writers

Do you remember Mystic compressor and its shouts to the world, especially to Sunbelt guys? I hope so, but just in case here's one screenshot: greetings to Sunbelt. And now we've got a kind of response as well from Morphex authors: a few of my blog posts concern Morphex, Crum and similar custom packers (this

Government minister dumps documents in park bins

Cabinet minister Oliver Letwin has got himself into hot water, after a British newspaper exposed he was in the habit of dumping private correspondence and sensitive documents detailing Al-Qaeda activities and secret service operations into park bins near Downing Street. The Daily Mirror reported that some of the documents dumped by Letwin in St James's

Is Anonymous still a “hacktivist” collective?

Members of the internet collective known as Anonymous are usually described as "hacktivists". But are they really? Or are they really just activists (is that what they've become)? We follow various Anonymous news accounts on Twitter and ever since the sub-collective, LulzSec, petered out, Anonymous has shifted away from talking about online attacks and hacks

‘Addiction’ drove Scarlett Johansson’s nude photo hacker

Christopher Chaney, the man accused of hacking into the email accounts of female celebrities, and scooping up their private messages and nude photos, has described how his curiosity became an addiction. 35-year-old Chaney, from Jacksonville, Florida, was arrested by the FBI earlier this week in connection with "Operation Hackerazzi", an investigation into a series of

Your Data, Facebook’s Trade Secret

In the wake of Europe vs. Facebook's "Annoy Facebook" campaign, those that participated found something very fishy: Facebook claims that it is not required to give a user a complete copy of his or her data if, in doing so, the organization will be compromising its "trade secrets or intellectual property". It's a bit of

The continuation of harmful rogue ads on Bing (and Yahoo)

We've noted this before, but Microsoft needs to get a handle on ad placements on Bing. OK, so Bing isn't the most widely used search engine, but bear in mind that Yahoo plays a part here as well. In this case, we're talking Sirefef (ZeroAccess aka Max++), probably the nastiest piece of malware circulating on the web

Horrible blog going around about you? Or a Twitter phishing attack?

You may not realise it, but your Twitter account is worth money. Cybercriminals are keen to compromise your Twitter account, so they can spam out messages (either as public tweets, or less obvious direct messages to your online friends) in the hope that some recipients will click on the links. What lies at the end

TaskManager Runs on 64-bit Excel

I'm releasing a new version of TaskManager.xls that runs on Excel 2010 64-bit too. The previous version ran on 64-bit Windows, provided you used Excel 32-bit. But this new version runs on both implementations of Excel. TaskManager_V0_1_0.zip (https) MD5: 5ED2AB6036CA94FAC7DEE5352718D07C SHA256: EBCF4832C4DBAB0AFE778E19423EBB56CA4644DA1FDB5B2EB1BB4C27A26DB18C

More Brits Leaving Internet Passwords in Wills

The thought of people leaving their Facebook passwords in their wills is certainly not a mainstream concept at the moment. However, if one really stops to think of it, our increasing reliance on Internet-based services prompts the necessity of such action. In fact, a study conducted on behalf of Rackspace, a cloud computing company,

Free coffee from Starbucks and Tim Hortons? No, it’s a Facebook scam

As of late things have been somewhat quiet on the Facebook scam front, but these days we have seen a resurgence in scams targeting both Americans and Canadians. A little more than a day ago a scam appeared purporting to be a free gift card for the renowned Canadian coffee and doughnut shop Tim Hortons. It

Saturday, June 2, 2012

FREE $25 Tim Hortons Gift Card – Facebook Scam

Scam Signature Message: FREE $25 Tim Hortons Gift Card. timhortonsbirthdaygift.me. To celebrate our birthday, we are giving away thousands of $25 Gift Vouchers FREE http://timhortonsbirthdaygift.me/ Scam Type: Bogus Offer. Trending: October 2011. Why it's a Scam: Clicking the wall post link takes you to the following page: As usual, here you're asked to Share the message with your friends and enter a comment on

Targeted spam or just a brand new spam filter evading technique?

I own a couple of domains for various private activities, among these, my personal blog. They don't get much traffic, but I receive a lot of spam on these domains. One of these spams escaped the spam filters simply because it was specially crafted. The email was sent from an email address of a domain which

NHS Direct Twitter account compromised by Acai Berry diet spammers

NHS Direct, the UK helpline which delivers expert health advice via the telephone and internet, has had its Twitter account taken over by spammers promoting an Acai Berry diet. At 10:40pm UK time on Sunday night, the NHS Direct Twitter account posted the following message: Are you currently wanting to lose some weight? i highly suggest

Another Modified ZeuS Variant Seen in the Wild

In the past, we've reported about malware based on the leaked ZeuS code, such as Ice IX, and ZeuS 2.3.2.0, and this usage of the leaked code has continued since then, and has resulted in attacks such as the one I'm about to share. My colleagues and I have been monitoring another new version of

Netflix look alike android malware

We have received a new malicious Android malware which looks like a real Netflix application, and which is used to steal Netflix account information. This is a classic case of trojanized malware wherein the fake application is very much identical to the real application and lures users to enter the Netflix

You lost your Facebook messages!

Or, to put it another way, you didn't. However, spam mail doing the rounds wants you to think otherwise. "You have three lost messages on Facebook, to recover the messages please follow the link below." The links just go to the usual advert / viagra junk. What's kind of funny here is

McDonald’s Facebook scam: Happy Birthday to…Donald?

I'm sure a McDonald's themed Facebook scam seemed like a great idea to somebody at the time, but wow is this one all over the place. It's your average "Click here to Like", post a spam comment saying how good this is, then do one of these offers affair. However, there are many things about

Google publishes Web safety advice for ‘Good to Know’ campaign

Google has launched a campaign promoting online safety, in association with the UK's Citizens Advice Bureau. The campaign, which will include adverts in newspapers, on public transport and online, is being run with the hope of encouraging Internet users to take more care over their online activities, including making use of more secure passwords, and remembering

Facebook scam promises free Macbook Air

Compromised Facebook accounts are being used to send out scam posts promising free Apple Macbooks. The scam does not make reference to the death of Steve Jobs as others have. The link leads to marketing affiliate sites that ask for a user's mobile phone number; users are then signed up for premium mobile content

BlackBerry outage made roads safer, police claim

According to media reports, police in the United Arab Emirates have given a surprising explanation for a dramatic fall in traffic accidents last week: drivers' BlackBerrys weren't working. It's claimed that last week's worldwide BlackBerry outage, which frustrated business people around the world who were unable to communicate with their colleagues, had one sure result

Facebook ID Cards: Could they be in your Future?

Here's a little peek into what could perhaps be a fixture in our future: Facebook ID Cards. Last October 11, the company applied for a trademark on the usage of "Facebook" on cards, namely "business cards and non-magnetically encoded identity cards". The application is open for all to see on trademark search engines such

National Identity Fraud Prevention Week shares a couple of excellent tips

This week is National Identity Fraud Prevention Week, according to what I just read in the Register. Pretty good timing, following last week's privacy scandal where MP Oliver Letwin casually dropped constituents' letters and sensitive documents into London park bins. The overall advice and resources on the educational microsite are excellent, particularly for individuals and

SpyEye vs. Tracker

It has become clear that the creators of the banking Trojan SpyEye have added plugin support to their code. In this new design, these plugins can be used by third parties to add additional functions to the core bot. The plugins are DLLs stored in the bot's configuration file. Among the core plugins created for

Facebook Rape Pages – Tasteless Jokes or Over the Line?

"You know she's playing hard to get when you're chasing her down an alleyway." That quote, whether it made you chuckle or fume in indignation, is at the center of a rather controversial sequence of events. You see, the quote is in reality the name of a Facebook page which contains more than 200,000

Cloud Database: The Future Database Solution

Cloud is defined as database or data storage space available to a number of computers connected to the World Wide Web or a local network. These databases can be placed on web data storage servers such as Amazon Web Services, and employees can access data from their workspace. Cloud databases have certain benefits over traditional computer databases. Cloud computing

Quickpost: Some Windows 8 Observations

I assume you know Microsoft released Windows 8 Developer Preview. 1) The UserAssist registry keys still exist, and still use ROT13 encoding: Notice that there are also entries for the launching of Metro apps (e.g. alarms). But there are also a couple of added keys, I'll analyze them when more definitive versions of Windows 8 are released: 2) My

US considered cyberwarfare in attacks on Gaddafi’s Libya

The New York Times is reporting that the United States nearly chose to use cyber weaponry in the lead-up to the attacks on Libya earlier this year. Apparently the US military considered hacking into the Libyan government's air defense control systems. It's an interesting development that US officials are considering their offensive cyber capabilities

A little light relief

Recently I've been collecting examples of comment spam. Essentially, this is for an investigation project that's somewhere very low on my to-do list. However, it does have a much more confident aspect: whenever I actually feel at a loss for words and am losing faith in my own wordsmithing ability, I scroll down to see what nice ...

Get FREE Starbucks Vouchers – having a value of $100 – Facebook Scam

Scam Signature Message: Get FREE Starbucks Vouchers using a value of $100 gift-cards-4-drinks.com To celebrate 40 years of Starbucks, we are giving away thousands of $100 Gift Vouchers FREE http://gift-cards-4-drinks.com
Scam Type: Bogus Offer
Trending: October 2011
Why it's a Scam: Clicking the wall article link takes you to the following page: As usual, here you're asked to Share the message along with your ...

GMail Hacker: D’oh!

One of our researchers has come across a supposed hacking tool, GMail Hacker Pro, that claims it can compromise GMail accounts. This tool comes with a quite slick-looking website (complete with live chat support) identified at gmailhackerpro(dot)com. During installation, it shows users a EULA. Let us just rapidly point out that a portion ...

Highlights from VB 2011 Barcelona

This year, we had the privilege of attending the 21st Virus Bulletin International Conference in Barcelona, Spain. Researchers from Trend Micro presented three subjects within the corporate stream and one subject within the technical stream. Ethan YX Chen covered file-fraction reputation for the technical stream on day 1. For the corporate stream on day 2, Max ...

Free coffee from Starbucks and Tim Hortons? No, it’s a Facebook scam

As of late things have been somewhat quiet on the Facebook scam front, but nowadays we have seen a resurgence in scams targeting both Americans and Canadians. A little more than a day ago a scam appeared purporting to be a free gift card for the renowned Canadian coffee and doughnut shop Tim Hortons. It ...

Hot Diamond enterprise 419 scam

Here's a 419 scam with a little of everything, including a wonderful fake website. First, the email: In case you don't want to read it (goodness knows, I tried), the Hot Diamond organization have taken time out from selling diamonds and necklaces to give away one million funds to help ...

HeapLocker: Preventing Heapsprays

I've been using my HeapLocker tool for practically a year now, and I've encountered no issues, except for the NOP sled detection. When used with Adobe Reader, HeapLocker will produce too many false positives when searching for NOP sleds. So I've disabled NOP sled detection for Adobe Reader. The last feature I need to talk about ...

Results of our compromised/hacked/stolen accounts survey

In late September we posted a survey where we asked you to tell us your stolen account stories. We have summarized the results in a unique report, "The State of Hacked Accounts". The data reveals that most users get hacked at high rates even when they tend not to believe they are engaging in risky behavior, ...

LulzSec suspect pleads not guilty to Sony Pictures website hack

A 23-year-old man, suspected of being a member of the LulzSec hacking gang, has pleaded not guilty to an attack on the Sony Pictures website. Cody Kretsinger, from Phoenix, Arizona, pleaded not guilty to conspiracy and unauthorized impairment of a protected computer during a hearing at Los Angeles District Court. Kretsinger is alleged to be ...

Be conscious of ‘Steve Jobs Alive’ spam.

News concerning the death of Steve Jobs has been exploited by cyber-criminals sending spam emails associated with this incident. The spam mail may well have one of the following subjects:
- Steve Jobs: Not Dead Yet.
- Is Steve Jobs really Dead?.
- Steve Jobs Alive! or Steve Jobs Not Dead.
If you have got ...

“Privacy can be a way of managing information flow.”

Why are folks so willing to give away their personal info to complete strangers? It's simply because humans want to share info. And in fact, they share info much more freely than other things such as merchandise and services. Which of these are you most likely to provide without thinking much about it? • To give ...

A Creepy Case of Facebook Identity Theft

Doppelgangers: many people would assume that these entities are merely figments of man's imagination. But the reality is, they do exist, just not in the form many people feel they do. One woman had to find this out the hard way when she found that she had an online doppelganger. Someone had stolen her identity ...

UK will make cyberwarfare strikes, says Foreign Secretary William Hague

Britain is prepared to use the Net to strike computer attackers and enemy nations who launch cyberwarfare attacks on the UK's infrastructure and businesses. That's the message from Foreign Secretary William Hague, who, perched precariously on his cabinet office desk, iPad in hand, has been interviewed by a tabloid newspaper concerning the growing ...

Thursday, May 24, 2012

Eat for free at Pizza Hut!? It’s a Facebook scam

Beware of links being spread on Facebook that claim you are able to eat for free at Pizza Hut. Don't be fooled into believing that you are able to receive a free pizza coupon, as this is just the latest scam spreading on the site, close on the heels of similar campaigns claiming to offer a free coffee at ...

That package at the Royal Mail office? It’s malware

Cybercriminals have spammed out malware, posing as an email from the Royal Mail. The emails, which claim that a package has been returned to the Royal Mail office, pretend to come from official-sounding addresses such as customer@royalmail.com or customer_service@royalmail.com. Opening the attached file could lead to your Windows computer being infected by a Trojan horse.

Federal Trojan’s got a “Big Brother”

About two weeks ago, the German Chaos Computer Club (CCC) published an investigation report of a backdoor trojan that they claim had been used by German police during investigations in order to capture VoIP and IM communication on a suspect's PC. Our friends over at F-Secure published a blog article last week where they ...

WebPulse Hits One Billion

As a kid, I loved to lie on the grass at night and stare at the stars. Even though I knew of a couple of constellations, I would try to find new patterns among the billions of stars. New connections. New meaning. As WebPulse hit one billion requests in one day, it reminded me of those days ...

Duqu – Stuxnet 2

Big news today. A brand new backdoor created by someone who had access to the source code of Stuxnet has been found. Stuxnet source code just isn't out there. Only the original authors have it. So, this new backdoor was created by the same party that created Stuxnet. For a refresher on Stuxnet, arguably the ...

W32.Duqu: The Precursor to the Next Stuxnet

On October 14, 2011, we were alerted to a sample that appeared to be very similar to Stuxnet by a research lab with strong international connections. They named the threat "Duqu" [dyü-kyü] because it creates files with the file name prefix "~DQ". They provided us with samples recovered from computer systems located in Europe and ...

Most embarrassing moment ever in Beauty Contest – Facebook Scam

Scam Signature Message: Most embarrassing moment ever in Beauty Contest amazinvids1.tk Poor girl makes the biggest mistake of her life on a live Beauty contest!!.
Scam Type: Survey Scam
Trending: October 2011
Why it's a Scam: Clicking on the Wall post link takes you to the following page: You are required to share the scammer's message ahead of clicking play. This causes the very same message ...

The Day of the Golden Jackal – The Next Tale in the Stuxnet Files: Duqu

Stuxnet was perhaps the most complex attack of this decade, and we expected that further similar attacks could be developed in the near future. One thing for sure is that the Stuxnet team is still active, as recent evidence has revealed. McAfee Labs received a kit from an independent team of researchers. This kit is closely related ...

Spamvertised IRS-themed “Last Notice” Emails Serving Malware

Cybercriminals are once again impersonating the Internal Revenue Service (IRS) for malware-serving purposes. In this intelligence brief, we'll dissect the malware campaign.
Spamvertised attachment: IRS_Calculations_#ID6749.zip
Spamvertised message: Notice, There are arrears reckoned on your account over a period of 2010-2011 year. You'll be able to find all calculations in accordance with your financial debt, enclosed. You have to pay ...

Phishers Promote Indonesian Rock Star

Thanks to the co-author of this blog, Avdhoot Patil. In the month of January 2011, Symantec reported adult scams that targeted Indonesian Facebook users. These scams claimed to have an application in which users could view adult videos of Indonesian celebrities, taken from hidden cameras. It seems that phishers are now utilizing specific celebrities as ...

Facebook Encourages Developers to Build ‘Private Mode’ and Other Sharing Controls into Apps

Facebook introduced frictionless sharing at the F8 conference last month. The standard premise behind frictionless sharing is that an application is granted permission to publish to a user profile once and doesn't have to ask for permission again. As expected, multiple Facebook users had a big problem with the oversharing potential this new feature presents.

Yet another Bing advert to steer clear of…

Here's an advert in Bing which wants you to install some adware. Found at chrome(dot)freewarecentral(dot)net, it was coming up in results when searching for "Chrome download". As with most of these downloads, the site is reasonably convincing: Hit the install button, and you'll be faced with the following Pinball ...

Google Search to Have Default Encryption

Google is rolling out over the next week default encryption using SSL (Secure Sockets Layer) on searches for users signing in with their accounts, the enterprise said Tuesday. The move comes over a year after Google made SSL the default setting for Gmail, and also introduced an encrypted search service. (See also How to make ...

Duqu, son of Stuxnet raises questions of origin and intent

Earlier today Symantec published an inside look at a new targeted malware attack called Duqu. This may not be essential news if it weren't for its ties to Stuxnet. Early analysis of Duqu shows it has evolved from the Stuxnet codebase. We shouldn't jump to conclusions that it was developed by the same authors, but ...

TDL4 rebooted

ESET researchers have been tracking the TDL4 botnet for a long time, and now we have noticed a brand new phase in its evolution. Based on the analysis of its components we can say that some of those components have been rewritten from scratch (kernel-mode driver, user-mode payload) while some (specifically, some bootkit components) remain the same as in ...

Twitter phish DMs still very much alive and kicking

Just a heads up that a popular Twitter phish is still doing the rounds: "found a funny picture of you! mugweb(dot)ru" Clicking the link takes you to twittelr(dot)com/verify-/session/login-/ If you enter your details at this point, you've been phished and can expect to see your own account spamming junk at ...

Beware of fake websites stealing credit card information

People usually use credit cards online to buy goods, but numerous people fail to validate the site address and proceed with submitting sensitive information such as card numbers. Attackers can then steal credit card information as well as the associated CVV number. Here is an example of one such fake website, hosting supposedly free services ...

Mac Trojan Disables XProtect Updates

There's something new brewing in Mac malware development (again). Recent analysis has revealed to us that Trojan-Downloader:OSX/Flashback.C disables the automatic updater component of XProtect, Apple's built-in OS X anti-malware application. First, Flashback.C decrypts the paths of XProtectUpdater files that are hardcoded in its body: Flashback.C decrypts the path of the plist file of XProtectUpdater Flashback.C ...

Researcher who discovered security flaw threatened by firm he was trying to help

South of the Equator, a yawning security hole is swirling responsibility backwards to the bug finder. It surely amounts to the Coriolis effect. Yes, children, it's true: In Australia, flushing insecure bugs out of the toilet drain of investment fund companies results in all of the responsibility flowing counterclockwise, completely opposite to that of rational Northern ...

Sweden is under attack – mass infection and new exploits!

Web-based threats such as malicious links on social media, infected websites and malicious ads are terms that we read about quite often. We security experts have for quite some time tried to emphasize the importance of protecting both your website and computer from being infected, since these malicious websites often exploit client vulnerabilities. These ...

Are “Offerwalls” siphoning your own information?

A relatively new development in app marketing and advertising has a concerning feature. It leeches a lot of the same information that many Android Trojans also steal. By means of an app promotion campaign, a new feature called offerwalls is used by Pay Per Install (PPI) services to promise further adchoice and revenue for app developers. But what is the ...

Mac malware evolves – time for Apple owners to wake up

Mac users have once again been reminded not to be complacent about the malware threat, with the discovery that cybercriminals have enhanced an existing Trojan horse to disable the rudimentary anti-virus protection Apple has built into Mac OS X. Despite the growth of Mac malware in the last 12 months, multiple users are still not ...

Has Siri left your iPhone 4S unlocked?

Apple's new Siri feature, the voice-activated personal assistant built into the iPhone 4S, leaves owners' spanking new smartphones partially unguarded. Those of us who work in the security arena have frequently banged on about the importance of securing your smartphone using a password or passcode to prevent unauthorised access. Most mobile phone manufacturers have recognised ...

LoadDLLViaAppInit 64-bit

Several of my security tools are DLLs. Should you want to use these tools inside a 64-bit process, you're stuck, because you can't use 32-bit DLLs inside a 64-bit process (and vice versa). LoadDLLViaAppInit is a tool I released to load DLLs inside selected processes. Should you want to use this 32-bit version of LoadDLLViaAppInit on ...

Duqu FAQ

This is an active analysis by Kaspersky Lab's Global Research and Analysis Team. We will probably be updating this FAQ document as necessary. What exactly is Duqu? How is it related to Stuxnet? Duqu is a sophisticated Trojan which seems to have been written by the same men and women who created the infamous Stuxnet worm. Its main ...

Francopol 2011 Shows Off Cybercrime Savoir-Faire

Last week, I attended the Francopol conference on cybercrime in Nicolet, Canada, at the impressive Quebec National Police School. As in 2010, I was impressed by the sessions and speakers taking part. Here are a few elements I would like to share with you. A part of the talks approached the techniques employed on the web by suspects to ...

Keeping Tabs on the next STUXNET

The security industry is currently buzzing with talks about a threat dubbed as the precursor to the next STUXNET. According to a Symantec analysis, portions of the code are extremely similar to STUXNET, and were likely written by the same cybercriminals as the famous threat. Unlike STUXNET, however, Duqu doesn't have code that suggests it ...

Research of compromised Web sites – hacked PHP scripts

Things have been pretty busy lately as far as Web attacks go. Over the past few weeks we have seen multiple large spikes of threat detections, corresponding to diverse waves of mass defacement attacks against legitimate Web sites. Pages on the hacked sites are frequently injected with iframes (or scripts that add iframes), which explains ...

Oracle Critical Patch Update October 2011

Overshadowed by the Duqu madness yesterday, Oracle released a slew of serious updates (please see Related Links within the right column of this page). Most interesting, but possibly with little impact, is the Java SE BEAST update. Oracle claims to have pushed 57 diverse fixes across their product lines, including patches for Java and their ...

Security 101: Vulnerabilities, Part 2

In my last write-up we discussed the most harmful types of vulnerabilities that we classify at McAfee Labs: remote code execution and denial of service. Today, we'll talk about vulnerabilities that are not so harmful, those we classify as Medium or Low Risk. These threats nonetheless call for our attention since they can develop a chain ...

Thursday, May 17, 2012

Security 101: Vulnerabilities, Part 2

In my last write-up we discussed the most dangerous kinds of vulnerabilities that we classify at McAfee Labs: remote code execution and denial of service. Today, we'll talk about vulnerabilities which are not so dangerous, those we classify as Medium or Low Risk. These threats still demand our attention simply because they can develop a chain ...

Duqu – Stuxnet 2.0

The security industry is buzzing nowadays after Symantec released a whitepaper on a threat known as Duqu. What's interesting about Duqu is that it's heavily based on the Stuxnet source code, a worm that targets industrial control systems (ICS). The Stuxnet source code has never been made available publicly; it's only available to the original ...

Mobile threats on the desktop

The MMPC has been routinely monitoring threats (by means of the desktop) that affect different mobile platforms such as Symbian, Java ME, Android, RIM, iOS and Windows Mobile. One of the increasingly common ways we see mobile devices being compromised is by allowing the user to download and install applications independently. This is since the consumer cannot ...

Facebook security updates – how to make your account more secure

Facebook has recently updated their security settings. In this How-to we highlight a few of the updates and the security nuances to help you stay on top of your account security settings. Paul Laudanski blogged about the subject a while back, should you need to reference that security primer. When you log in to your account, you will ...

Fake free AVG download sites

Fake antivirus sites are a very popular method to trick people into installing malware on their computers. Another method is to repackage popular software with adware or malware, and offer it for download. AVG is a popular antivirus vendor that gives a free version of its product at http://free.avg.com/. Rather than getting money by bundling ...

IPAbuseCheck: Clients Abusing Net Proxies

IPAbuseCheck was designed to provide a simple, free Web interface to query your IP addresses against a database that we have built containing unauthenticated IP addresses that have attempted to forward abusive or unwanted traffic by way of one or more of our proxies. The database contains abusive IPs found from July to present, and contains properly ...

RunInsideLimitedJob 64-bit

RunInsideLimitedJob is a tool to sandbox applications by containing their process inside a limited job object. There are 2 versions of my RunInsideLimitedJob tool: a .EXE and a .DLL. As a 32-bit executable, RunInsideLimitedJob.exe is perfectly capable of launching a 64-bit application contained in a limited job object. But the 32-bit RunInsideLimitedJob.dll can't be loaded inside a ...

Phishing page hacked, turned into PSA on the dangers of phishing

Here's something you don't see very often. Someone (possibly the recipient of the below phishing mail while having a "Falling Down" style day in the office) decided enough was enough and set out to hijack the phishing site they were sent to. This is the email that started it all:

Fake jobs: canada-newjob.com, netherlandjobb.com and newjobrecruit.com

Another bunch of domains being used to peddle fake jobs:
canada-newjob.com
netherlandjobb.com
newjobrecruit.com
These domains form part of this long-running scam. You will find that the emails appear to come from your own email address (here's why). The domain registrant details are no doubt fake: Adolf Nureng Email: adolfnureng@yahoo.dk Organization: Adolf Nureng Address: Spellingevej 3 Ro City: Gudhjem State: ...

Deobfuscating malicious code layer by layer

Write-up written by David Sanchez Lavado. This post explains how to analyze the malicious code used in current Exploit Kits. There are many methods to analyze this kind of code, and there are tools that do most of the job automatically. However, as researchers who like to understand how things work, we are going ...

New attack vectors leading to digital pickpocketing of digital wallets

AVG's latest Q3 2011 Community Powered Threat Report has highlighted the prevalence of a brand new breed of cybercrime attacks being launched against users' digital wallets to target the new credit currencies in widespread usage on the Internet. As individual users and organizations alike now start to trade in the "currency of the internet", cyber criminals ...

The best way to learn every little thing that Facebook *really* knows about you

Max Schrems, a 24-year-old law student from Vienna, a meticulous document requester and researcher, is now sitting on a pile of 1,200 pages that comprise his personal-data Facebook dossier. He secured the data by making use of a European requirement that entities with data about individuals make it available to those individuals if they request it. After ...

The Mystery of Duqu: Part One

First of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only have to know that we're talking about just two malicious programs here (at a minimum): the key module and a keylogger.

Gaddafi Death Rumours Sure to Spark Spam

Websense ThreatSeeker Network has been tracking an ongoing spam campaign relating to reports of Libyan leader Colonel Gaddafi's death. We have been monitoring related spam campaigns about Gaddafi for a while now, and the recent rumours of his death, as stated here on Reuters, seem to have raised the bar a little with an influx of such spam.

Duqu malware spurs new Stuxnet-style conspiracy theory

The news wires have been abuzz for the past few days with stories of a brand new "Stuxnet". This "son-of-Stuxnet" malware goes by the orthographically curious name of Duqu. (According to Symantec, Duqu got its name since it creates files with the file name prefix "~DQ". On those grounds, Duqu is genuinely a silly name. It really should ...

iPhone spyware can snoop on desktop typing

A team of researchers at Georgia Tech have demonstrated how they were able to spy on what was typed on a typical desktop computer's keyboard through the accelerometers of a smartphone placed nearby. Normally when security researchers describe spyware on smartphones, they mean malicious code that may be used to snoop on calls, or to ...

OFT Warns Debt Collectors to Stop Using Facebook to Locate Borrowers

To debt collectors all over the world, Facebook has become a veritable fount of information that makes their job a lot easier. If you were a debt collector and one of your borrowers had suddenly gone AWOL, easy: all you have to do is lie in wait until he updates his Facebook page. Even ...

Remove Unused/Testing/Debug Software From Your Site

We often see sites hacked as a result of vulnerabilities in diverse tools. In most cases, site owners don't even understand they are there, or don't even remember they were installed. For example, a site owner/manager has to make a quick modification in the database and installs phpMyAdmin; a few months (or even years) later their site ...

Dissecting the Ongoing Mass SQL Injection Attack

The ongoing mass SQL injection attack has already affected over a million Web sites. Cybercriminals performing active search engine reconnaissance have managed to inject a malicious script into ASP/ASP.NET Web sites. From client-side exploits to bogus Adobe Flash players, the campaign is active and ongoing. In this intelligence brief, we'll dissect the campaign and establish ...

Gaddafi and Search Poisoning: think prior to clicking on search results

Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (frequently referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel web search activity as much as the death of a famous or infamous person, although celebrity weddings and divorces are also a large search driver. It's a ...

Notes on the Urchin Site-injection Attack

Last week (10/12), Armorize announced a brand new mass site-injection attack, which they had begun tracking on the 9th. Briefly, the attack involves an injected link to an attack domain (originally jjghui.com; the newer injections use either nbnjki.com or nbnjkl.com), which references a file called urchin.js. (For folks who don't know, Urchin produced the original version ...

Stuxnet v2 or TR/Duqu

The Stuxnet virus has gone to the next generation: TR/Duqu. Avira already detects the new malware since VDF 7.11.16.63, which was released on 2011-10-19. The new variant of Stuxnet consists of 3 major files: a driver file (at this time we can discern between 4 slightly different versions); an encrypted DLL; an encrypted configuration file ...

Shop for free at ASDA? Free ASDA Gift Card Facebook scam spreads rapidly

Hot on the heels of similar scams involving Pizza Hut, and free coffee at Tim Hortons and Starbucks, messages are spreading rapidly between Facebook users about alleged ASDA Gift Vouchers, offering free shopping to celebrate the British supermarket chain's "birthday". Here's a typical message: Shop For FREE at ASDA - FREE ASDA Gift Card ?[LINK] ...

Gaddafi search poisoning

Here's an example of search poisoning somewhat similar to that predicted by Stephen Cobb, making use of the death of Gaddafi as a hook, noted by our colleague Raphael Labaca Castro, of ESET Latin America. The original blog is in Spanish. Raphael reports an email that comes with the following title (in Portuguese, suggesting that Brazilian Net users ...

Galaxies Collide

Duqu contains a backdoor that steals information. Infostealers need to send the stolen information back somehow. Careful infostealers try to make the transfer look innocent in case somebody is watching network traffic. Duqu hides its traffic by making it look like typical web traffic. Duqu connects to a server (206.183.111.97 aka canoyragomez.rapidns.com, which used to ...

Malware attack poses as bloody photos of Gaddafi’s death

The death of Libyan dictator Colonel Gaddafi has almost inevitably resulted in cybercriminals taking advantage of the news story, along with the general public's seeming interest in viewing ghoulish photos and videos of his last moments. Malicious hackers have spammed out an attack posing as pictures of Gaddafi's death, tricking users into believing that they came ...

RBC Royal Bank Phish Wading in the Wild

Our researchers in the AV Labs just netted one of the latest phishing attempts that prey on clients of the Royal Bank of Canada (RBC) or RBC Royal Bank. Below is the screenshot of the email phish being spammed in the wild: This email from RBC on the internet masquerades as an alert notification message regarding ...

Free Argos gift card for Christmas? It’s a Facebook scam

Yet another scam is spreading quickly on Facebook, this time claiming to offer a free £500 Argos gift card to British shoppers. Free £500 Argos gift cards for Christmas [LINK] As it is coming up to Christmas we have decided to give away 250 £500 Argos gift cards. The scam follows the highly prevalent ASDA gift ...

Guess what happens to the data you “Delete” on Facebook?

There are always things that we don't need to have on Facebook. Gossipy conversations, embarrassing photos, controversial status updates: most people have had their fair share of such things. The best way to deal with them is frequently to just click the delete button. After which, we can go back to living normally and ...

Saturday, May 5, 2012

Duqu Status Update #1

As mentioned in our previous blog, W32.Duqu was first brought to our attention by a research lab who had been investigating a targeted attack on another organization. This research was conducted by the Laboratory of Cryptography and System Security (CrySyS) in the Department of Telecommunications, Budapest University of Technology and Economics. CrySyS discovered the infection ...

The state of cyber security – Join Sophos and the NCSA in Washington DC

I would like to invite all of our readers to an event October 27th, The State of Cyber Security, in Washington DC hosted by the National Cyber Security Alliance and Sophos. I am proud to be speaking at the event along with Michael Kaiser, executive director of the National Cyber Security Alliance and Rob Strayer, ...

ZeroAccess’s trick – A wolf in sheep’s clothing

In a previous post, my colleague talked about a new approach to inject virus code into other typical processes as a way to bypass firewall detection. Through the continuous investigation of ZeroAccess, we discovered there are a couple of improvements for this series of anti-detection and anti-debug methods. And what's most interesting is ZeroAccess seems to quite like lsass.exe. It frequently ...

The Rise and Fall of Anonymous

Following my previous blog on Francopol 2011, here are some data and slides from my own talk on the Anonymous Group. Anonymous circles are not the only component of hacktivism, merely a loose collection with the highest media profile. Other representatives of this informal protest movement include the Indignants, who use social networks around the world ...

iOS 5 introduces security challenges and flaws

A little over a week since Apple released iOS 5, I thought I would review a few of the new functionality and security on the platform in general. I started by revisiting the encryption Apple promises and whether or not they have fixed the problem that I first wrote about in May 2010. According to the iPad in ...

Urchins, LizaMoons, Tigers, and Bears

In early April, I wrote about the famed LizaMoon SQL-injection attacks. I said it then, and I'll say it once more now: SQL-injection (SQLi) attacks are a constant. Several of these attacks are much more visible than others. Several adversaries find intelligent ways to hide their tracks so as not to splatter evidence of their misdeeds all over various search  See More..

Ongoing investigation of the internet infection

Throughout the last couple of days I have, together with Yury Namestnikov, been investigating the extremely high numbers of infected websites. It all began when I was going through local statistics for Sweden and saw an increase of a certain JavaScript redirector, and also new detections on new variants for Java, PDF and Flash exploits.  See More..

There’s more than one way to skin an orange.

When it comes to attacking a program, and compromising its data and/or resources, there are numerous different approaches that an attacker can choose. One of the more effective techniques to make a successful compromise is to take advantage of perceived vulnerabilities in the targeted program. A vulnerability refers to a characteristic of a program that  See More..

Java Malware Reconsidered, or, Java Brews a Fresh Bot of Malware

At Virus Bulletin 2011, we presented on the exploding level of delivered Java exploits this year with "Firing the roast Java is heating up again". We examined CVE-2010-0840 exploitation in detail, along with variants of its most well-known implementation online and several tools and concepts for analysis. Microsoft's security team presented findings  See More..

Duqu: Updated Targeting Information

I wrote Symantec's original blog write-up describing the discovery of Duqu. In that blog I used the term "industrial control system manufacturers" and (after discussions with a variety of parties) we need to change that term to "industrial industry manufacturers" to more accurately define where Duqu has been found. We already made this change to  See More..

Satanbot Employs VBScript to make Botnet

Malware is on the rise. At the beginning of 2008, our malware collection had 10 million samples. Nowadays we have already surpassed 70 million. Most of the malicious samples are Trojans (backdoors, downloaders, fake alerts), but there are also many viruses, worms, and bots that in a short time can infect multiple computers  See More..

Shadow Profiles: Does Facebook Produce Them?

The group Europe v. Facebook seems to have opened a floodgate of disturbing revelations against Facebook, one of them being the possibility that Facebook creates Shadow Profiles for all its members, as well as individuals who have yet to register themselves. This allegation is one of the 22 complaints that the group filed against Facebook and  See More..

Spammers Promote Steve Jobs Bogus Charity Fund

Even some weeks after Steve Jobs' death, spammers are still taking advantage of his demise. We have previously reported about this in the following blog entries: "Cybercriminals remember Steve Jobs through Facebook Scam" and "Steve Jobs Proclaimed Alive by Spam". This time, we received sample spammed messages promoting a supposed charity fund for young  See More..

Hacker’s phone call to Boston Police saying he defaced their website.. because he was bored

A number of websites associated with US police have been compromised by AntiSec hackers in apparent support of the Occupy demonstrations. One of the sites targeted was the Boston Police Patrolmen's Association (BPPA), which suffered a hack which resulted in the release of a thousand usernames and passwords. An obvious danger is that staff may  See More..

Letter from HM Treasury? Just another scam

Over the past 24 hours we have seen a flurry of emails purporting to be from George Osborne MP, the UK's Chancellor of the Exchequer. With reference to supposed stalled international fund transfers, the messages attempt to lure recipients into making contact with the fraudsters, in a classic 419-style scam. We have seen at  See More..

Where in the World is Razim Al Hamed?

Here's a Spanish language Facebook scam about the World's richest man giving away thousand dollar cheques to anybody that wants one. You could almost certainly write "Oh dear" and leave it at that, but let's take a peek anyway. Scams involving a chap called Razim Al Hamed have been bouncing around since at least 2009, and he's  See More..

Fake jobs: jobbworld.com and yourjobb.com

Two new domains are being used to recruit for fake jobs, which in reality turn out to be illegal activities such as money laundering: jobbworld.com and yourjobb.com. This is part of a long-running scam that has been going on for ages. One characteristic of the spam received is that it appears to come from your own email address (here's why). If you  See More..

Microsoft’s YouTube channel has been hacked

Hackers have taken control of Microsoft's official YouTube channel, removed the company's videos and replaced them with ones of their own. At the time of writing, the hackers are still uploading new videos to the channel. The ones we have seen so far are  See More..

Microsoft’s official Youtube channel hacked (updated)

It appears that someone has hacked into Microsoft's account on Youtube and removed all videos. As can be seen in the picture, there are currently no videos at all anymore (see the red arrow in the screenshot) and the comment about the website is "Wish to Become Sponsored? Message me". At the same time the hometown  See More..

‘Discovered a funny picture of you!’ Twitter phishing attack

We're now regularly seeing Twitter accounts which have fallen into the hands of cybercriminals, sending out messages to their online friends with the aim of tricking them into handing over their all-important username and password. Here's one of the latest attacks, shared with us by our friends at @TweetSmarter: identified a funny picture of  See More..

HeapLocker 64-bit

I'm releasing my first 64-bit version of my HeapLocker tool. I had to change multiple pointer calculations, and had to replace 32-bit shellcode with 64-bit shellcode. This 64-bit version gets configured through the registry, exactly like the 32-bit version of HeapLocker. The only difference is when you want to protect specific addresses, you have to use a  See More..

Shop for free at Tesco? Beware – it’s another Facebook gift card scam

Within the last few days we have warned Facebook users about scams spreading on Facebook claiming that the likes of ASDA, Argos, Pizza Hut, Tim Hortons and Starbucks are offering consumers gift cards and vouchers entitling them to free goods. Now it's the turn of British supermarket giant to find its brand abused by scammers  See More..

Libyan Leader Muammar Gadhafi’s Death Spam

Threat Analysis: Alan Neville. As word spreads of the death of Muammar Gadhafi, cybercriminals are starting to take advantage. We are already seeing spam campaigns related to his death with malicious attachments. Here are several examples of what we have seen so far. This particular campaign claims that Muammar Gadhafi's death might not  See More..

“Battery Doctor” Android Scareware

A new scareware targeting mobile devices running Google's Android operating system makes claims about its ability to recharge the battery. It also has the ability to steal information. When the system first executes, the overview window below appears. As you can see, it shows information about the battery and running applications and a second pie chart on the  See More..

LG hacked – website defaced to show simulated intrusion

One of the Australian websites belonging to global electronics giant LG has been hacked by a collective calling itself the Intra Internet Security Exploit Team. According to Asher Moses of the Sydney Morning Herald, the site, lge dot com dot au, was pwned over the weekend, and was still in embarrassing post-hack distress this morning: The  See More..

Targeted malware attack shows how quickly Fingerprinting works

Last week, I was working a shift in SophosLabs triaging customer submissions, and found myself updating detection for the Troj/DocDrop-S Trojan horse. Keen readers will remember that I have talked about the Troj/DocDrop-S malware before, in terms of the presentation that Stephen Edwards and I gave at the recent Virus Bulletin conference in Barcelona. The  See More..

Beware Facebook lottery email scams!

Congratulations! You've won the Facebook lottery! At least, that's what the following email claims. The email says that it is possible to turn up in person at an address in London to claim your prize, but you will have to confirm your identity and eligibility. In case you don't need to pay a visit to London, then it is possible to choose to  See More..

Survey Scams as Cross-Platform Threats

For some time now we've been reporting about Facebook scams involving surveys that ask for victims' mobile numbers. These have become rampant, and have employed multiple different lures like Google+ invites and free Breaking Dawn Part 2 movie tickets. Another great example is a Facebook page we recently encountered, one claiming to be a  See More..

Another widespread site defacement attack. Leading nowhere?

Earlier this morning, I started to see a rise in the volume of Mal/Iframe-Gen detections. Digging further, I located multiple legitimate sites that had been freshly hacked, in order to redirect users to further malware. As you can see from the image below, there has been something of a surge in Mal/Iframe-Gen detections since approximately  See More..

Facebook Launches “Social Jobs Partnership”

It's no secret that the unemployment rate in the United States has reached pretty disturbing heights because of the recent financial recession. Millions of men and women, even those that had all of the appropriate qualifications, lost their jobs simply because the companies could no longer afford to have them on board. Today, the country is slowly trying  See More..

Tuesday, May 1, 2012

These Aren’t the Droid Updates You’re Looking For

Our Threat Solutions team found an interesting threat utilizing a novel infection vector for Android today. Back in July, they analyzed Spyware:Android/SndApps, which, after an update, is able to access diverse bits of personal information. Prior to the update, it only requests the Internet permission. It seems probable to us that users are a lot less likely to carefully  See More..

mailukrsoft.com: job scammers in action

A write-up over at woozoo.nl caught my eye (in Nederlands, Google Translated to English) about the netherlandjobb.com scam. Robert Krom goes several steps further than I typically do with a superb study into how the scammers try to rope people in. Robert identifies mailukrsoft.com as the next stage in the scam. To me, it looks like  See More..

The Register blunders, hands itself into the ICO

Oops. From: The Register marketing@theregister.co.uk Date: 24 October 2011 18:28 Subject: Apologies from The Register Hello, This morning the name and email address you used to register for The Register was mistakenly sent to 3,521 individuals, also readers of The Register. We've contacted them asking them to delete the email and respect your  See More..

Android Malware Spreads through QR Code

Last week, there was quite a buzz in the mobile-malware researchers' community about a brand new Android malware. It came to light not because of its sophistication or complexity but because of the standard approach that it uses to spread. Most Android malware we have witnessed are repackaged malicious apps made available in black markets or  See More..

So I Googled your name and found.. a Twitter phishing attack!

Sometimes they claim to have found a funny picture of you, say that you look like you've lost weight, or that there's a horrible blog going around about you. Whatever the nature of the disguise utilised by phishing attacks on Twitter, the modus operandi is always the same. Scammers will send you a message, perhaps  See More..

Typosquatting

Do you frequently make mistakes when typing? Is the Backspace key your friend? Well, you may not be alone! Most of us make typing errors once in a while, but what if those errors could cause data leakage? Typosquatting exploits common typing errors made when entering an Internet address in a browser: typing "a" instead of "s",  See More..

Scam sites on 84.22.161.169

84.22.161.169 (IOMART Ltd, UK) seems to have a few difficulties with scam sites, such as the one mentioned in this post. I haven't had time to check the entire range, but most of the sites they host are legitimate; these, however, appear to be bogus. mailukrsoft.com Rogers, Sid via@viagrasuperpills.com March St 43 San Antonio, Tx 7820 1  See More..

DroidKungFu Utilizes an Update Attack

We did a quick write-up yesterday about a DroidKungfu sample that appeared to utilize a novel infection vector. Now, as promised, more technical details. The application we've been analyzing is called com.ps.keepaccount, and a quick check into its content reveals a few findings. The original application (SHA-1: 5e2fb0bef9048f56e461c746b6a644762f0b0b54) does not show any trace of  See More..

Book review: Ninja Hacking – unconventional penetration testing tactics and techniques

Be in no doubt, credibility is high for this book. Authors of Ninja Hacking, Thomas Wilhelm and Jason Andress, certainly have expertise in the field of computer security, with particular focus on penetration testing. They also have experience in both the academic and corporate environments. The subtitle "Unconventional penetration testing tactics and techniques" is, however,  See More..

Japanese parliament hit by cyber-attack

According to local media reports, hackers were able to snoop upon emails and steal passwords from computers belonging to lawmakers in the Japanese parliament for over a month. A report in the Asahi Shimbun claims that PCs and servers were infected after a Trojan horse was emailed to a Lower House member in July.  See More..

Hackers steal data on nuclear plants and fighter jets

A high-tech military contractor, which suffered an attack from hackers earlier this year, is reported to have lost sensitive data related to defence equipment including fighter jet planes and nuclear power plant plans. The Asahi Shimbun claims that when Mitsubishi Heavy Industries was hit by an attack earlier this year sensitive data and plans were  See More..

Pink My Profile Bogus Keylogger Warning

October is Breast Cancer Awareness Month. Several companies and non-profit organizations run promotions and fundraising events to support the cause. Such is the case with the latest Facebook hoax. CUA is a financial institution in Australia, and they developed a unique way to raise awareness for breast cancer awareness. Users can install a Facebook application  See More..

The Pink Profile Pic Facebook virus hoax

Have you noticed the profile pics of a few of your Facebook friends have acquired a pink tinge? Rumours have hit the social networking site that the Facebook app that turns your profile picture pink carries keylogger malware that could spy on your keypresses, and steal your passwords not only from Facebook, but from online  See More..

Free $5000 Gift Card for COLES – Facebook Scam

Scam Signature Message: Free $5000 Gift Card for COLES ikeazone.info As christmas is approaching, coles has decided to give away $500 Gift Cards. Scam Type: Survey Scam. Trending: October 2011. Why it's a Scam: Clicking the wall post link takes you to the following page: As usual, here you may be asked to Share the message with your friends and enter a comment on the page.  See More..

Linux Tsunami hits OS X

We've just come across an IRC controlled backdoor which enables the infected machine to become a bot for Distributed Denial of Service attacks. The interesting part about it is that it's a Mach-O binary targeting Mac OS X. ESET's investigation team compared this to samples in our malware collection and identified that this  See More..
