Malware RSS Feed
New technique used by Brazilian cybercriminals: a substitution cipher in JAR Trojan bankers sent via email and, of course, combined with social engineering.
The largest website in Sweden spreads malicious code.
A short while ago, we came across a set of similar SWF exploits and were unable to determine which vulnerability they exploited.
Cybercriminals from Latin America infect victims via macro-enabled Microsoft Office documents. One such document, found in the wild, had a VirusTotal detection rate of 0 out of 48!
Several media outlets reported on January 7th, 2014, that a PC associated with Monju (the Fast Breeder Reactor of the Japan Atomic Energy Agency) was infected by malware and that an information leak was suspected. Some pointed out that the infection had possibly been caused by abuse of the legitimate update of "GOM Player", which made it big news. GOM Player is a free media player with popular video/audio codecs built in, favored by many Japanese people. It differs from similar free media players in some notable points: it supports major file formats such as AVI, DAT, DivX, MPEG and WMV, to name just some; and it is officially available in a Japanese version. It is said to have more than 6 million users in Japan.
In this post, Will Dormann describes how parent properties can cause security problems for a child process.
During the past months we have been busy analysing yet another sophisticated cyberespionage operation which has been going on at least since 2007, infecting victims in 27 countries. We deemed this operation "The Mask" for reasons to be explained later.
Instead of using zombie machines, the cybercriminals behind Betabot and other malware in Latin America brute-force improperly configured email servers and then spam the victims.
Fraudulent websites offering tickets to the World Cup in Brazil