Malware - Security Intelligence

Mark Yason recently looked at the Regin Stage 4 (32-bit) dispatcher, which was reported on by Kaspersky and Symantec. He recalls the steps used to rebuild it from an image dump, resulting in a malware sample suitable for static and dynamic analysis.

article

Reviving the Regin Dispatcher Module: Part 1

After reviving the Regin dispatcher module, Mark Yason ended up with a malware sample that was suitable for both static and dynamic analysis.

February 10, 2015 | By Mark Yason

article

Cybercriminals are targeting Facebook users by tagging victims' friends in a pornographic video that asks for an Adobe Flash upgrade, then downloads a Trojan. Users must remain wary about clicking on unknown links and double-check their privacy settings.

news

Facebook Trojan Uses Porn, Phony Flash Update to Infect Millions

Cybercriminals are using a porn video to tag victims in Facebook posts to fool them into downloading a phony Flash update and spread a malicious Trojan.

February 2, 2015 | By Shane Schick

news

The FBI issued a warning recently that ransomware is on the rise on PCs and mobile devices through pop-up windows containing malware. Cybercriminals are changing tactics rapidly, which is why education is vital to combating this widespread issue.

news

FBI Warns Ransomware Issue Needs Widespread Public Attention

The FBI says ransomware is targeting consumers and businesses and spreading via pop-up windows on websites instead of just email spam.

January 28, 2015 | By Shane Schick

news

Wiper malware is being used by hacktivists and politically motivated cybercriminals to conduct attacks such as the one against Sony Pictures in late 2014. Organizations must make sure their security systems can fight against this type of malware.

article

Wiper Malware Poses Destructive Threat

Wiper malware can destroy important data and cripple computer systems. It was most recently used in the high-profile breach against Sony Pictures.

January 21, 2015 | By Rick M Robinson

article

Financial malware is being increasingly used by cybercriminals hoping to trick victims into giving up their banking credentials through a variety of methods. Financial institutions are similarly vulnerable to different types of attacks.

article

Is Financial Malware Breaking the Bank?

Financial malware is on the rise, according to a new Trusteer study that takes a hard look at the life cycle of these fraudulent transactions.

January 20, 2015 | By Douglas Bonderud

article

According to IBM Trusteer, a fake browser fraud scheme is being used in Brazil to steal online banking credentials from unsuspecting victims. When a targeted banking site is visited, a user's screen is frozen until he or she logs in.

article

Do You Trust Your Browser? Fake Browser Fraud Schemes Discovered in Brazil

IBM Trusteer recently uncovered a fake browser fraud scheme in Brazil that works to steal online banking credentials from unsuspecting victims.

January 19, 2015 | By Tal Darsan

article

Cybercriminals are using the popular #JeSuisCharlie hashtag to embed and spread a type of malware called DarkComet in the wake of the mass killings earlier this month at the newsroom of satirical newspaper Charlie Hebdo. This is a popular tactic.

news

DarkComet Malware Weaponizes #JeSuisCharlie Effort

Security researchers say cybercriminals are using the #JeSuisCharlie hashtag's popularity to distribute the DarkComet malware to unsuspecting victims.

January 16, 2015 | By Shane Schick

news

A new type of malware dubbed Skeleton Key targets single-factor authentication systems and lets cybercriminals pose as users inside an organization. It can also avoid being detected by intrusion detection systems because it doesn't create traffic.

news

Skeleton Key Malware Provides Scary Attack Method on Active Directory Users

Organizations that only use single-factor authentication for Microsoft Active Directory access could fall victim to the Skeleton Key malware.

January 14, 2015 | By Shane Schick

news

According to security research firm Sucuri, cybercriminals are using a popular website called Pastebin to host malware code. These attackers are reportedly trying to take advantage of a vulnerability in a popular WordPress theme called Slider Revolution.

news

Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware

Experts say cybercriminals are using a popular online repository called Pastebin to act as a remote server for hosting malware aimed at WordPress users.

January 12, 2015 | By Shane Schick

news

After it discovered a scam campaign spreading the notorious Trojan:Win32/Upatre downloader, Microsoft is warning users to not accept the wire transfer if they receive an email telling them they could accept $35,000 by opening an attached file.

news

Wire Transfer Spam: Upatre Goes for Broke

Microsoft recently discovered a spam campaign spreading the notorious Trojan:Win32/Upatre downloader. Users are warned not to accept the wire transfer.

December 16, 2014 | By Douglas Bonderud

news

Tag: Malware