Monthly Archives: November 2016

Tor Browser zero-day strikes again

A newly discovered vulnerability in the Firefox web browser has been found to be exploited in the wild. It is not the first time this has happened; as some of you may recall, back in 2013 the FBI used a nearly … Continue reading

Posted in Antivirus

Calendar spam on Apple systems

Mac and iOS users have been seeing a lot of strange entries appearing in their calendars for a while now, but there has been a big increase over the last few weeks. There are a couple different explanations for this, … Continue reading

Posted in Antivirus

Fake WhatsApp email comes as a billing alert

Every now and then, we receive or see reports of what new shenanigan has hit users of the ever-popular mobile application, WhatsApp. Not so long ago, users in the UK were warned about a scam making rounds about Sainsbury’s giving … Continue reading

Posted in Antivirus

Forced into installing a Chrome extension

We have found a number of websites whose sole purpose is to try and force an extension on anyone visiting that site with Chrome. Most often, you can likely land on one of these sites after a redirect from a … Continue reading

Posted in Antivirus

Attribution Part II: Don’t overthink it

Last time, we took a look at a few common mistakes that are easy to make when trying to attribute cyber attacks. To recap: Don’t Panic over one indicator Chase unrealistic threat models (Are you a cleared defense contractor or … Continue reading

Posted in Antivirus

New wave of Mirai attacking home routers

Background: Starting yesterday, many DSL customers in Germany reported problems with their routers, which could no longer connect to their ISP or had a very weak internet connection. Today we saw news that a malicious attack … Continue reading

Posted in Antivirus

Malicious code and the Windows integrity mechanism

Introduction: Ask any expert who analyzes malicious code for Windows which system privileges malware works with and wants to acquire and, without a second thought, they’ll tell you: “Administrator rights”. Are there any studies to back this up? Unfortunately, I … Continue reading

Posted in Antivirus

A week in security (Nov 20 – Nov 26)

Last week, we took a look at a ransomware called PrincessLocker, for which researcher Hasherezade created a decryptor. At the same time, another team member created a decryptor for TeleCrypt. We also gave a brief overview on how one can … Continue reading

Posted in Antivirus

Tech support scammers up their game with ransomware

This post was co-authored by @hasherezade and Jérôme Segura. For those of us tracking tech support scams and seeing the evolution from cold calls, to fake alerts and eventually screen lockers, we knew what the next phase was going to … Continue reading

Posted in Antivirus

Mobile Menace Monday: Adups, old and new

A newly discovered malicious app is found on China-made mobile devices running the Android OS. This is a baked-in system app used to update the device’s firmware but is found to also steal personal information, among other things. A blog … Continue reading

Posted in Antivirus