Long thought dead, the peer-to-peer (P2P) ZeroAccess botnet has resurfaced and as of just a few weeks ago, has returned to propagating click-fraud scams.
Browsing Category: Malware
Experts urge system administrators to patch the Ghost vulnerability in glibc immediately, but counter that as well that exploiting the bug may be challenging.
The Flash zero day that made its way into the Angler exploit kit was wrapped in multiple layers of obfuscation and has the ability to inject its malicious payload straight into users’ browsers. In the last week, since the news broke of the Adobe Flash zero-day flaw appearing in the Angler kit, security researchers have[…]
Kaspersky Lab has found shared code and functionality between the Regin malware platform and a keylogger described in recently disclosed Snowden documents.
Dennis Fisher and Mike Mimoso talk about all of the zero days that were dropped this week on Adobe and Apple, the Oracle backdoor drama and the upcoming Kaspersky Security Analyst Summit in Cancun. Then, Dennis calls Brian Donohue to talk about the wonders of the Blackhat movie and Brian’s dog makes a special appearance, too!
Researchers at Kaspersky Lab today released a detailed analysis of two modules belonging to the Regin malware platform, one for lateral movement, the other a backdoor.
UPDATE–Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is[…]
Researchers have peeled back more layers on Vawtrak, a relatively new banking Trojan so complex that those who have taken it apart have likened it to a Matryoshka, or Russian nesting doll.
Two Google AdWords campaigns have been hijacked by malvertisers and users are being redirected to fraud sites without even clicking the poisoned ads.
The Skeleton Key malware bypasses single-factor authentication on Active Directory domain controllers and paves the way to stealthy cyberespionage.