By Roel SchouwenbergFor a few days now I’ve been asking myself the following question: Which is more important: The fact we had a 500k-strong OSX botnet fly under the radar or the culprit that enabled the malware to infect so many machines? Every time the answer is clear – Java has become an absolute focal point in the cyber threat landscape. It plays a major role in attacks against every major platform, including mobile.
by Roel SchouwenbergEditor’s note: This story was reposted from Securelist.com.In an almost unprecedented event the Dutch minister of internal affairs gave a press conference at 1:15 AM Friday to Saturday night. He announced the Dutch government was revoking trust in Diginotar.
Google’s response to the recent discovery of malicious apps in the Android market place is proof that we’re now entering a new phase in malware mitigation. Can you imagine Microsoft automatically pushing an executable to (part of) its user-base with no opt-out option?
By Roel Schouwenberg, Kaspersky LabAmongst some others the Zeus bot is one of the most prolific bots in
the wild and in the media. Lately there has been quite a few reports on
the aspects surrounding Zeus, such as new research and the Troyak
takedown.
By Roel Schouwenberg
As a technology enthusiast — or geek — I always enjoy looking into new technologies. Although it’s no longer directly cutting edge, I recently started exploring the wonderful world of Solid State Disks (SSDs).
SSDs may, to some extent, influence how anti-virus (AV) programs use resources on the system and I’ve been curious to see how we can exploit that fact as SSDs are slowly getting more mainstream. Imagine my surprise when I came to the shocking discovery that, under certain circumstances, an SSD may actually perform better during an AV scan than when it’s idle.
Guest editorial by Roel SchouwenbergOver the last few months, there’s been quite a lot of news chatter around Banker Trojans emptying out online bank accounts of small businesses in the U.S. Today, I was reading one of such stories on Brian Krebs’ site. After reading that story I came across another news item that described booting from an alternative media to experience safe internet banking.
By Roel Schouwenberg
On Tuesday we got another DDoS attack on Twitter. A lot of people are asking why Twitter doesn’t seem to be coping with attacks like these. And at the same time there are more and more people jumping on the bandwagon saying stay away from Adobe products.
By Roel Schouwenberg
Once
upon a time we were living in a world where creating malware, then
still called viruses, was a very bad thing to do. These days, people
seem much more relaxed with the idea of someone writing malware.
On Saturday an alert went out about a new Twitter worm.
Could this have been another XSS-Worm? Upon clicking the link users would see the following:
However that’s not all that happens. Covertly a connection is made to another server that will result in a malicious PDF being downloaded. This PDF contains a flurry of exploits.
By Roel Schouwenberg
As Dancho Danchev pointed out, the BBC leased itself a botnet [zdnet.com]. I couldn’t quite believe it when I read it. The BBC, arguably one of the very best TV producers in the world, surely should have known better? There are so many things wrong about this that I hardly know where to start.
Firstly, given their figures, they seem to have spent quite an amount of money purchasing the botnet. Regardless of how much the total sum was, they sponsored the underground economy. Paying money to criminals (for illegal goods) is not only unethical but also considered illegal in most countries. The BBC broke the law right there and then already, not when they actively started using the botnet.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
