Hackers fond of man-in-the-browser (MiTB) attacks have brought efficiency to their work. New strains of MiTB malware have been discovered that are able to parse logs for the sensitive information hackers are targeting, rather than send massive unstructured logs back to the attacker’s command and control server.
Attackers targeting major U.S. banks with distributed denial of service attacks are using a number of toolkits to automate the job. Prolexic Technologies, a security company specializing in DDoS protection services, identified one toolkit called itsoknoproblembro, a kit that attacks multiple ports and network targets.
Mobile malware has largely been limited to Trojans buried inside a malicious app targeting sensitive data stored on the phone such as email, contact information and SMS messages. A new proof-of-concept piece of malicious software, however, expands the scope of mobile malware and essentially turns an Android device into a surveillance tool, bringing a while new range of security and privacy implications into the equation.
Mozilla is trying to deal a two-fisted blow to the continued use of passwords as an online authenticator, as well as the practice using social media username-password combinations as a persistent login on other sites. Its Persona project has moved into its first beta release promising developers and website users a better and more private authentication experience.
Adobe announced today it was the victim of an APT-style attack after two malicious utilities commonly used in targeted attacks for privilege escalation and pivoting within a network were discovered signed by a valid Adobe digital certificate. Adobe said it will revoke the certificate next week.
Adobe products and services senior director of security Brad Arkin said in a statement that a build server with access to the Adobe code signing infrastructure was compromised and is the source of the issue.
PNC Bank appears, as promised, to be the latest victim of hacktivists carrying out denial-of-service attacks against major U.S. financial services institutions. PNC, out of Pittsburgh, joins Wells Fargo, J.P. Morgan Chase & Co. and Bank of America on a list of banks taken offline reportedly by a group who claimed responsibilities for the attacks as retaliation for the portrayal of Muslims in “Innocence of Muslims,” a series of movie trailers uploaded to YouTube.
Just when you thought it was safe to go back to using Java, security researchers have found another gaping hole that could impact potentially more than 1.1 billion desktops running the Oracle-owned platform.
A new APT-style espionage campaign launched this summer targeting organizations tied to financial services, government agencies and the defense industry used a technique dubbed water holing to entice victims and silently redirect them to sites hosting zero-day exploits.
When it comes to cybersecurity and critical infrastructure, there are generally more questions than answers. And for the last 10 months or so, the volume of concern and uncertainty has ramped up, largely because there’s little in the way of productive information sharing on threats, a serious lack of centralized leadership coordinating cybersecurity efforts among public and private sector interests, and attacks and vulnerabilities run largely unabated.
Another malicious website has been discovered hosting an exploit for the zero-day vulnerability Internet Explorer patched by Microsoft last week. This site, like the other exploits discovered, targets the defense and space industries, and is dropping an unknown payload, according to Barracuda Labs.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
