Category Archives: Antivirus

Blockchain technology: not just for cryptocurrency

Imagine a place where you can safely store all your personal information and only you decide who has access to it. You can choose which parts of that information you want to share, and you can just as easily revoke … Continue reading

Posted in Antivirus | Comments Off on Blockchain technology: not just for cryptocurrency

Children and young adults: the next-generation money mules

According to Cifas, a nonprofit fraud prevention organization based in the United Kingdom, more than 8,500 cases of bank account misuse have been filed against 18- to 24-year-olds between January and September 2017. Cifas has linked the account abuse to an uptick … Continue reading

Seamless campaign serves RIG EK via Punycode

The Seamless campaign is one of the most prolific malvertising chains pushing the RIG exploit kit and almost exclusively delivering the Ramnit Trojan. Identification of Seamless is typically easy, due to its use of static strings and an IP literal … Continue reading

A week in security (November 27 – December 03)

Last week on Labs, we touched on a huge macOS High Sierra vulnerability, a PayPal phish, and Terror EK’s new tactic. We also took a crack at identity theft protection services, drive-by cryptomining, and rounded up interesting talks while attending … Continue reading

Yet another flaw in Apple’s “iamroot” bug fix

Last week, we discussed a particularly serious vulnerability, dubbed “iamroot,” in macOS 10.13 (High Sierra). To sum up, the vulnerability allows an attacker to gain access to the ultra-powerful root user on any Mac running macOS 10.13.0 or 10.13.1. Worse, … Continue reading

PayPal phish asks to verify transactions—don’t do it

There are a number of fake PayPal emails going around right now claiming that a recent transaction can’t be verified. If your response to this is, “What transaction?” read on. If your response to this is, “Oh no, not my recent … Continue reading

An IRISSCON 2018 roundup

Last week, some 400-plus attendees listened to a wide variety of infosec topics at the ninth annual IRISSCON, Ireland’s longest-running security event. I already talked a fair bit about this one a few weeks back, so rather than repeat myself, … Continue reading

Persistent drive-by cryptomining coming to a browser near you

Since our last blog on drive-by cryptomining, we are witnessing more and more cases of abuse involving the infamous Coinhive service that allows websites to use their visitors to mine the Monero cryptocurrency. Servers continue to get hacked with mining … Continue reading

Serious macOS vulnerability exposes the root user

On Tuesday afternoon, a tweet about a vulnerability in macOS High Sierra set off a firestorm of commentary throughout the Twitterverse and elsewhere. It turns out that the issue in question works with any authentication dialog in High Sierra. For … Continue reading

Kaspersky Security Bulletin – Story of the year 2017

Introduction: what we learned in 2017. In 2017, the ransomware threat suddenly and spectacularly evolved. Three unprecedented outbreaks transformed the landscape for ransomware, probably forever. The attacks targeted businesses and … Continue reading
