In this special edition of the Digital Underground Podcast, Dennis Fisher interviews fellow Threatpost editor Mike Mimoso and also Threatpost reporter Brian Donohue about the Black Hat security conference, which begins this week in Las Vegas. Topics of discussion include Chris Valasek and Charlie Miller hacking automobiles, Jeff Forristal’s briefing on what promises to be a devastating Android vulnerability, why it’s dumb to host Black Hat in Las Vegas in the dead of summer, and more.
Browsing Category: Malware
The IcoScript remote access Trojan evades network detection by communicating via Yahoo Mail.
A new variant of the Citadel banking Trojan has been discovered where the attackers are using Windows remote shell commands to be enable Remote Desktop Protocol access, even if the malware is discovered and removed.
A new breed of point-of-sale malware has been found in several recent attacks, and experts say that the tool, known as Backoff, has extensive data stealing and exfiltration capabilities, including keylogging, memory scraping and injection into running processes.
A new variant of the GameOver Zeus malware has been spotted with a new domain generation algorithm that now generates 1,000 new domains daily.
A new analysis of a long-term APT campaign targeting manufacturers, industrial, pharmaceutical, construction and IT companies in several countries has uncovered fresh details of the attack, including identification of nearly 3,000 victims and the unmasking of the command-and-control infrastructure.
Georgia Tech Research Institute has released an open source threat intelligence gathering tool called BlackForest that automates attack-data mining.
There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way.
Researchers at Kaspersky Lab report on the infrastructure supporting the Koler ransomware, which not only has components targeting Android devices, but also redirects desktop browsers to other ransomware and exploit kits.
New ransomware has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and control servers hidden in the Tor Network (a/k/a The Onion Router) to obscure their malicious activity.