A recent malware sample dynamically generates the name of a mutex object by using Windows product ID, lessening its predictability and complicating detection.
Browsing Category: Malware
A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments.
OpenDNS went public with a new analytics tool that can be used to detect malicious domains used in APT and cybercrime campaigns.
The Mandarin Oriental luxury hotel chain is investigating a data breach that affects credit cards used in an “isolated number” of its hotels in the United States and Europe. Company officials said that the attack involved “undetectable” malware on some of its systems and emphasized that only credit card data, and no other personal information,[…]
The Angler Exploit Kit has begun using domain shadowing as a technique to avoid detection and blocking, researchers at Cisco Talos said.
A new type of POS malware, LogPOS, is using technology that evades detection by letting the malware inject code while it shuttles stolen credit card numbers to its C+C server.
Attackers behind one of the more popular exploit kits, Angler, have added a tweaked version of an exploit from last fall, a use after free vulnerability in Microsoft’s Internet Explorer browser.
A pharming attack has been detected targeting home routers distributed from Brazil’s largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.
Kaspersky Lab researcher Vitaly Kamluk discusses the Equation Group, claiming it is the most sophisticated advanced persistent threat group in the world.
On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet,[…]