Malware is a business; people make their living writing and distributing
it. Exploit kits are an effective and streamlined methodology of
distributing malware; they allow the Bad Guys to distribute payloads at a
higher level than we have seen in the past. For this reason we've seen
exploit kits grow in popularity over the last few years.
BlackHole...
MyBB Security Release
Dec 15, 2012 | comments

The SQL injection vulnerability, which was present in
all MyBB versions, affected the post editing section. The second flaw
allowed brute-force access because the CAPTCHA system was not effective.
An issue which prevented the editor from working in Firefox 16 and newer versions of the web browser has also been addressed.
Users are advised to immediately...
Facebook and Walmart Offer $1,000 Christmas Gift Cards Scam
Dec 14, 2012 | comments

Some posts on Facebook claim that the social
media network has partnered up with Walmart and that they’re giving away free
$1,000 (764 Euro) gift cards.
“Hey friends, I got a $1000 Gift Card from WALMART
as a Christmas Gift! Get it right away! -> bil.ly,” the malicious
Facebook posts read. Users who fall for it and click on the link are...
Trojan Upclicker: Using a Mouse To Evade Automated Analysis
Dec 14, 2012 | comments

We came across another sample, called Trojan Upclicker, that went one step further:
using a mouse to evade automated analysis.
Per the code in Figure , the
function SetWindowsHookExA is called with 0Eh as a parameter. Per MSDN, the parameter 0Eh is used to hook a mouse. Pointer fn is the pointer to the hooked procedure in the code.
The...
Carberp : Trojan-Spy.AndroidOS.Citmo
Dec 14, 2012 | comments

For a long time, only two families of such malware have been known:
ZeuS-in-the-Mobile (ZitMo) and SpyEye-in-the-Mobile (SpitMo). ZitMo and
SpitMo work together with their Windows ‘brothers’. Actually, without
them, they would look like trivial SMS spy Trojans. It is necessary to
mention that during the last two years such attacks have...
California Department of Health Care Mistakenly Publishes Details of 14,000 People
Dec 13, 2012 | comments

The State of California has mistakenly published thousands of Social Security numbers on the Internet.
The list includes Medi-Cal providers in 25 California counties,
including Amador, Calaveras, Colusa, Nevada, Placer, Sutter, Tuolumne
and Yuba.
The information, belonging to Medi-Cal providers
working for In-Home Supportive Services, had been...
Internet Explorer Can Track Your Mouse Cursor
Dec 12, 2012 | comments

Internet Explorer can track your mouse anywhere on the screen, even when you aren’t browsing.
A new Internet Explorer vulnerability has been discovered that allows an
attacker to track your mouse cursor anywhere on the screen, even if the
browser is minimized. All supported versions of Microsoft’s browser are
reportedly affected:...
Joomla And WordPress Bulk Exploit serving Fake Antivirus Malware
Dec 11, 2012 | comments

Many Joomla and some WordPress sites have been exploited and are hosting IFRAMEs pointing to bad places:
Fake antivirus threats display a fraudulent scanning result to intimidate users into “purchasing” the fake antivirus program. WordPress and Joomla exploits have existed for years, and cybercriminals
have thus been exploiting them for a long time. Yet...
Gmail Phishing Scam
Dec 11, 2012 | comments

Another phishing scam that relies on the
old “account update” theme is currently making the rounds, attempting to
trick Gmail users into handing over their usernames and passwords.
...
Beware Of Malware Receipt From Australian Power & Gas
Dec 11, 2012 | comments

Australian Power & Gas Payment Receipt emails carry a piece of malware that’s disguised as a harmless-looking PDF file.
Australian users should beware of emails
entitled “Approved Payment Receipt” that purport to come from the “team”
at Australian Power & Gas.
Example:
Subject: Approved Payment Receipt
...
Hack Windows 8 To Get Free Games
Dec 11, 2012 | comments

A Nokia engineer who has previously pointed out security holes in
Microsoft’s Windows 8 has now posted a detailed step-by-step explanation
of how to hack Windows 8 games.
Unfortunately, his site is down now:
Angel shows how to hack Windows 8 in not one, not two, and not even
three ways … but no less than five different ways, showing users...
Open Redirect Vulnerability Identified in Meebo
Dec 11, 2012 | comments

An open-redirect vulnerability has been identified in the popular instant messaging platform Meebo.
Open-redirect vulnerabilities can be leveraged by
cybercriminals to lure their victims to arbitrary domains. The user
believes that he/she is visiting a legitimate, reputable site, when
they’re actually seamlessly redirected to a malicious one.
The...
No Email Day 12-12-12
Dec 11, 2012 | comments

Tomorrow is No Email Day: Ignore your inbox and do something more useful instead
Looking at your ever-growing inbox and looking for a reason to ignore
it? Tomorrow you have that excuse, as it will be the second annual No Email Day.
A year ago, UK-based Paul Lancaster declared a No Email...
Fake Hotels Awaiting Unwary Guests
Dec 10, 2012 | comments

Cyber-criminals have prepared some dirty tricks for tourists looking for a room over the holidays. And it’s not the same old reception RATs,
banking Trojans, wrong hotel transactions and social media baits. Now,
they’ve created their own fake hotels and are awaiting unwary guests.
The fake websites usually leverage the names and
reputations...
Exforel Backdoor Implemented At Network Driver Interface Specification level
Dec 10, 2012 | comments

Security researchers have identified a variant of the Exforel
backdoor malware, VirTool:WinNT/Exforel.A, that’s somewhat different
from other malicious elements of this kind.
The NDIS-level backdoor used by VirTool:WinNT/Exforel.A is much more
low-level and stealthy than that used by traditional backdoors – there
is no connecting/listening...
Over 400 Indian Websites Defaced by Sizzling Soul and P@khTuN72
Dec 10, 2012 | comments

Over the weekend, a total of over 400 domains and subdomains have been defaced
by a couple of hackers calling themselves Sizzling Soul and P@khTuN72.
Most of the sites appear to be owned by various Indian businesses.
Since the hacktivists haven't defaced the targeted sites’ homepages, most of their owners are probably still unaware of the...