Browsing Category: Malware

New fake banking cert attacks in play

Categories: Malware

From eWEEK (Matt Hines)
Researchers with security training experts SANS Institute have reported the emergence of a new wave of attacks seeking to take advantage of trust in online banking sites and digital certificate e-banking security programs.
The involved attacks target customers of Bank of America, asking targets to click through from e-mail-borne links to URLs where they are asked to upload new digital certs to protect themselves when e-banking. Read the full story [eweek.com]

Threatpost News Wrap #2: Drive-by malware, Twitter attacks

Categories: Malware, Podcasts, Web Security

Threatpost editors Ryan Naraine and Dennis Fisher look at the latest security news headlines and dig deeper into the latest wave of drive-by download infections and scareware attacks on Twitter.

Examining Conficker: When a worm becomes a botnet

Categories: Malware

From TechTarget (Brian Sears)

I recently read an article where two experts expressed different ideas of what Conficker represented. One expert argued that Conficker was clearly not a botnet, as it lacked some of the basic abilities typically found in botnets, while the other expert said Conficker indeed was a botnet. In the end, they both agreed Conficker represented a significant threat. So what is Conficker? Well, in the case of our two experts, they were both right and wrong. In my opinion, Conficker appears as a package or a mesh of several different threats, each one with its own purpose. Read the full story [techtarget.com]

The Twitter worm that isn’t

Categories: Malware, Web Security

By Roel Schouwenberg

On Saturday an alert went out about a new Twitter worm.

Could this have been another XSS-Worm? Upon clicking the link users would see the following:

 

However that’s not all that happens. Covertly a connection is made to another server that will result in a malicious PDF being downloaded. This PDF contains a flurry of exploits.

30,000 legit websites hit by malware infection

Categories: Malware

From The Register (Dan Goodin)

A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday [websense.com].

The infection sneaks malicious JavaScript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at security firm Websense. The injected code is designed to look like a Google Analytics script, and it uses obfuscated JavaScript, so it is hard to spot. Read the full story [theregister.co.uk]

Experts: Gumblar attack is alive, worse than Conficker

Categories: Malware

From CNet (Elinor Mills)

The Web site compromise attack known as Gumblar has added new domain names that are downloading malware onto unsuspecting computers, stealing FTP credentials to compromise more sites, and tampering with Web traffic, a security firm said on Thursday.

The Gumblar attack started in March with Web sites being compromised and attack code hidden on them. Originally, the malware downloaded onto computers accessing those sites came from the gumblar.cn domain, a Chinese domain associated with Russian and Latvian IP addresses that were delivering code from servers in the U.K. Read the full story [cnet.com]

Microsoft warns of dangerous DirectShow flaw, attacks

Categories: Malware, Vulnerabilities

Microsoft today warned that hackers are using rigged QuickTime media files to exploit an unpatched vulnerability in DirectShow, the APIs used by Windows programs for multimedia support.

RIM issues patch for serious PDF flaw in BlackBerry software

Categories: Malware, Vulnerabilities

There is a series of vulnerabilities in the widely used BlackBerry Enterprise Server software that could allow an attacker to compromise BlackBerry devices by sending a malicious PDF file. Research in Motion, the software’s maker, has issued a patch that fixes the problem in BES, as well as in BlackBerry Professional Software.

Gumblar: The malware that is sweeping the nation

Categories: Malware

The latest large-scale malware outbreak to hit the Web, known variously as Gumblar and Geno and Martuz, is a multi-stage attack that not only infects compromised machines with a number of separate pieces of malware but also has the ability to steal credentials and block the victim from taking actions to clean his PC.
