More information about last week’s “Shady Rat” hacks continues to be uncovered, including reports that the attackers behind the hack used digital images to obscure their activities.Researchers at Symantec analyzing the attacks found images were hiding code that enabled communication back and forth with infected machines and a command-and-control (C&C) server, according to a report from DarkReading.
There are remotely and easily exploitable vulnerabilities in the BlackBerry Enterprise Server that could allow an attacker to gain access to the server by simply sending a malicious image file to a user’s BlackBerry device.
Spear phishing attacks against U.S. government officials, politicians and public policy wonks are using a D.C. think tank favored by the Obama Administration as bait, according to a report from researcher Mila Parkour.
Trading on Hong Kong’s stock market, Hong Kong Exchanges & Clearing, remains suspended today following a “coordinated and sustained” distributed denial of service attack on one of the exchange’s websites Wednesday. Several companies, including HSBC, China Power International and Cathay Pacific found their shares unavailable late Wednesday following the attack according to a report from BBC.
The takedown of the Rustock botnet earlier this year has had ripple effects throughout the malware and spam ecosystems, with some large reductions in spam levels and attacks. However, some of the components of the malware machine driven by Rustock are beginning to come back online now. Researchers say that the Harnig pay-per-install malware is making a comeback, sans Rustock, however.
In his keynote address at the SOURCE Boston conference this year, independent security researcher Dino Dai Zovi discussed the attacker mentality and they way that defenders can adopt it to better protect their networks.
Researchers at the University of Cambridge will present evidence of what they say is wide spread manipulation of search results that direct unwitting Web surfers to dodgy and illicit online pharmacy sites.
Apple released an update today for its built-in, malware protection platform, XProtect, in response to the emergence of Mac-targeting trojan that hijacks Google searches, according to an article posted on Softpedia.
Adobe released its August software patches on Tuesday and immediately found itself in hot water with Google researcher Tavis Ormandy, who claims the firm is downplaying the extent of security flaws in its products.
The Chinese government claims they’ve seen nearly 500,000 cyber attacks designed to hit their computers over the past year, with the U.S. and India among the countries believed to be responsible.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
