Malware RSS Feed

Blog: Largest Website in Sweden Spreading Malicious Code

Malware Alerts - Thu, 02/06/2014 - 05:21
The largest website in Sweden spreads malicious code.

Blog: CVE-2014-0497 – a 0-day vulnerability

Malware Alerts - Wed, 02/05/2014 - 10:15

A short while ago, we came across a set of similar SWF exploits and were unable to determine which vulnerability they exploited.

Blog: Big box LatAm hack (3rd part – infection by Office files)

Malware Alerts - Tue, 02/04/2014 - 19:21
Cybercriminals from Latin America infect victims via macro-enabled Microsoft Office documents. One such document, found in the wild, had a VirusTotal detection rate of 0 out of 48!

Blog: Abused update of GOM Player poses a threat

Malware Alerts - Tue, 02/04/2014 - 09:58
Several media outlets reported on January 7th, 2014, that a PC associated with "Monju" (the Fast Breeder Reactor of the Japan Atomic Energy Agency) was infected by malware and that information leaks were suspected. Some pointed out that the infection had possibly been caused by abuse of the legitimate update of "GOM Player", which made it big news. GOM Player is a free media player with popular video/audio codecs built in, favored by many Japanese people. It differs from similar free media players in some notable points: it supports major file formats such as AVI, DAT, DivX, MPEG and WMV, to name just some, and it officially offers a Japanese version. It is said to have more than 6 million users in Japan.

New Blog Entry: Feeling Insecure? Blame Your Parent!

CERT Announcements - Mon, 02/03/2014 - 13:17
In this post, Will Dormann describes how parent properties can cause security problems for a child process.

Blog: A Glimpse Behind "The Mask"

Malware Alerts - Mon, 02/03/2014 - 06:44
During the past months we have been busy analysing yet another sophisticated cyberespionage operation which has been going on at least since 2007, infecting victims in 27 countries. We deemed this operation "The Mask" for reasons to be explained later.

Blog: Big box LatAm hack (2nd part – Email brute-force and spam)

Malware Alerts - Sun, 02/02/2014 - 20:28
Instead of using zombie machines, the cybercriminals behind Betabot and other malware in Latin America brute-force improperly configured email servers and then spam the victims.

Blog: World Cup: fake tickets, fake giveaways, real attacks

Malware Alerts - Fri, 01/31/2014 - 15:30
Fraudulent websites offering tickets to the World Cup in Brazil

Always Check Credentials

SANS Tip-of-the-Day - Thu, 01/30/2014 - 22:03

Analysis: Spam money lenders: data theft, Trojans and other special features of ‘cheap’ loans

Malware Alerts - Thu, 01/30/2014 - 06:00
Millions of people worldwide prefer to buy goods and services on credit, agreeing to pay considerable sums in interest to various money lenders.

