After the Tunisian Revolution (also called the Jasmine Revolution by many media organizations) in late 2010 or early 2011, “Jasmine” became a hot word in China. Last week, a friend of mine in China received an email with an attached Microsoft Word Document (RTF) titled “My thoughts on the jasmine flower (the language of the [...]
10 April 2011
Google has introduced a new feature for its Chrome browser that will display a warning if a user attempts to download a suspected malicious executable file. The Chrome team are enhancing the implementation of their Safe Browsing API service to include downloaded files. What is the Safe Browsing API? The Safe Browsing API is an [...]
08 April 2011
Security awareness training usually incorporates web security topics. The message needs to be brief and relevant to non-techies, so they will pay attention. Consider focusing the audience’s attention on the browser—a tool that, for most people, personifies the web both at home and at work. The title of this list was inspired by the Respect [...]
08 April 2011
We’ve been seeing a run of malware distributed via spammed e-mails in the last couple days. The e-mail messages and the malware aren’t particularly new. The message is fake and pretends to be related to a delivery service; attached to it is a disguised ZIP file containing a trojan-downloader. If the ZIP file is run, [...]
08 April 2011
A little while ago, phishing mails claiming to be from NACHA were in circulation – it seems the phishers have had enough of that, deciding to send out malicious files instead. The mail claims an attempted bank transfer has gone horribly wrong, and you should open up the file listed as .pdf.exe – whoops – [...]
08 April 2011
Its now Bank of Baroda getting targeted for the phishing attacks. A mail having subject line : MESSAGE TO ALL BARODA CONNECT USERS!!! getting circulated containing an attachment. If you click to open the htm file, it displays Bank of Baroda Login form.This form get displayed from your local machine. It ask to fill your [...]
08 April 2011
Update (04/07/2011 10:03am PST): USPS officials have taken the http://ribbs.usps.gov web site down to address the infection. A United States Postal Service website (http://ribbs.usps.gov) has been infected with the Blackhole Exploit kit. As we’ve discussed previously, the Blackhole Exploit kit, a commercial exploit kit developed by Russian hackers, is being seen in an increasing number of [...]
08 April 2011
Today’s social media sites such as Twitter and Facebook can be convenient tools for users to easily get the information they want. Such sites can easily satisfy users’ desire to know more, especially in the wake of life-changing events. In the case of the recent disasters in Japan, hashtags related to victims’ safety, rolling blackouts and public [...]
08 April 2011
Today, we’re going to look closely at a very good example of phishing. There’s probably no need to explain what phishing is, but just to be sure, here is the definition as you can find it on Wikipedia: „Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card [...]
08 April 2011
We recently examined a sample, detected as Program:Win32/Pameseg.P (SHA1: 089e7ec8ee2ca4be0fff079e39ef26110a8de78e), that appears to be a new version of "LoviVkontakte", an application for the Russian social networking website "vkontakte". This sample asks for money by way of requesting an SMS to a premium number to continue installation. We’ve seen similar behavior in the past with the [...]
08 April 2011
Google now adds a feature to the development versions of the Chrome web browser which Internet Explorer already has introduced with version 9: It extends Safe Browsing (which also gets used by Firefox and Safari) with safe downloads. This is a reputation system which marks suspicious files as such. Google uses the URL list from [...]
08 April 2011
April 4, 2011 March 2011 was eventful in the field of information security. The major news includes Trojan horses in payment terminals and the elimination of the world’s largest spam network–the Trojan.Spambot botnet, also known as Rustock. In addition, criminals launched a number of large-scale attacks on social networking sites. And, as expected, the disaster [...]
08 April 2011
Published by Blanca Carton, Abril 2011 How many times you wished you could have accessed documents stored in your home PC when you were out? In my case, many. And I hate to say “I cannot send it right now” This situation has changed. My Panda Global Protection 2011 integrates the BeAnywhere technology which allows [...]
08 April 2011
The following data are the result of the monitoring and recording process made by spam sensors spread all around the world to provide the trend of security in terms of compromised systems. Spam sensors are designed to record the malicious spam activity made by compromised systems mostly identified as bots. The following charts and analysis [...]
07 April 2011
Earlier this week new Twitter malware spread very quickly in the Twitter community.The malicious application tweeted two messages similar to the following to the infected users’ followers: directly followed by: Those who clicked the link and allowed the application to connect to their Twitter account were infected.The point I want to make in this posting is:Most of those who [...]
07 April 2011
The Emsisoft malware research team has discovered a new outbreak of the Windows Repair adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.WindowsRepair. Windows Repair is a rogue application. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or [...]
07 April 2011
The Emsisoft malware research team has discovered a new outbreak of the Windows Process Regulator adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.WindowsProcessRegulator. Windows Process Regulator is a rogue application. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with [...]
07 April 2011
Among a lot of various scam emails about “post express“, we found one email that is unfamiliar, and pretty sure this is a different malware, with subject “Available for pickup“, and included an executable attachment file, “Sent.exe“. Dear Sir I have just returned and received your message — it is 2:25 am in Vancouver. I [...]
07 April 2011
The Emsisoft malware research team has discovered a new outbreak of the Windows Passport Utility adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.WindowsPassportUtility. Windows Passport Utility is a rogue application. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with [...]
07 April 2011
Here’s the latest of our malware wallpaper calendars. 1280×800 | 1680×1050 | 1920×1200 | 2560×1600 This month’s calendar highlights the use of malware for a range of cybercriminal activities. These include the use of a keylogger to steal data directly from individuals, the hacking of a business in order to acquire customer financial details and [...]
06 April 2011
The Emsisoft malware research team has discovered a new outbreak of the Windows Recovery adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.WindowsRecovery. Windows Recovery is a rogue application. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or [...]
06 April 2011
Pursuing vulnerabilities in local software that is accessible through the web browser has been an effective attack vector. The following 4 free tools can help you identify locally-installed browser plugins that are behind on security patches. Google Chrome and Secbrowsing Users of Google Chrome rejoice—the browser flags common insecure plugins without the need for any [...]
06 April 2011
DNS.BE, the Belgian organization that manages all registrations of domainnames under the .be TLD, reported that the DNS name servers did get an unusual high workload, up to 6 times more queries than average, resulting in 2 servers that where hardly available during 4 hour on last Sunday. The other 47 name servers were perfectly [...]
06 April 2011
I’ve been monitoring Blackhat spam SEO for more than a year now. I frequently have to modify the scripts used to retrieve the fake AV pages in order to deal with obfuscation and other obstacles the perpetrators have put in place. Fake AV pages are designed to keep security scanners and researchers away. One of the [...]
06 April 2011
