Microsoft Patch Tuesday – September 2013
Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing thirteen bulletins covering a total of 47 vulnerabilities. Thirteen of this month's issues are...
View ArticleClik here to view.
Android Ransomware Predictions Hold True
Contributor: Lionel PayetBack in June we discovered a malicious Android application that was holding user’s Android phones for ransom. This discovery confirmed earlier predictions that ransomware would...
View ArticleClik here to view.
Would You Like Some Fish with That Phishing Site?
Phishers are known for making their phishing sites look exactly like the sites they are spoofing. We have seen plenty of examples of the detail they employ, like using JavaScript to include the current...
View ArticleClik here to view.
Hidden Lynx – Professional Hackers for Hire
For the past few years, reports have continued to emerge detailing the activities of actors behind various targeted attacks or Advanced Persistent Threats (APTs). Here at Symantec Security Response,...
View ArticleNew Internet Explorer Zero-day Found in Targeted Attacks
On September 17, Microsoft issued an advisory reporting a new zero-day vulnerability in Internet Explorer: Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3893). The advisory...
View ArticleClik here to view.
Breaking Bad Fans Targeted in Twitter List Spam
On the heels of its most highly acclaimed episode, Breaking Bad fans tweeting about the popular AMC show may find themselves targeted by a new Twitter spam tactic.Traditionally, spammers and scammers...
View ArticleClik here to view.
Craigslist SMS Spam Scam, with a Twist
While Craigslist has always been a favorite social engineering theme for scammers, Symantec has identified another on-going SMS spam campaign abusing Craigslist’s popularity. The scam tricks users into...
View ArticleClik here to view.
Leveling Up: Gaming Trojan Adds Banks to Target List
Malicious game downloads are not a new phenomenon, but malware authors are now exhibiting a greater degree of ambition in targeting online gamers. A gaming Trojan horse is now targeting user bank...
View ArticleClik here to view.
The Clean Theory
Old rules…A popular proverb goes like this:When one adds a pint of clean water to a barrel of sewer water one gets a barrel of sewer water, but when one adds a pint of sewer water to a barrel of clean...
View ArticleNew Zero-Day Vulnerability Used in Operation Hangover Attacks
On November 5, Microsoft issued an advisory and a blog post to report a new zero-day vulnerability in the Microsoft Graphics component that affects Windows, Microsoft Office and Microsoft Lync: the...
View ArticleClik here to view.
Cybercriminals Serve Up a Veritable Smorgasbord of Threats for South Koreans
South Korea has not been too far from media attention lately, with reports of cyberattacks involving zero-day vulnerabilities, banking Trojans, gaming Trojans, back doors and distributed...
View ArticleClik here to view.
Scams Emerge as Typhoon Haiyan Strikes the Philippines
Contributor: Vijay ThawreTyphoon Haiyan, one of the strongest tropical cyclones on record struck the Philippines this week, leaving behind a trail of mass destruction. With more than 10,000 people...
View ArticleClik here to view.
New Zero-Day Vulnerability Shares Links to Hidden Lynx
On November 11, Microsoft published a blog post about a new zero-day Microsoft Internet Explorer Unspecified Information Disclosure Vulnerability (CVE-2013-3918) affecting an Internet Explorer Active X...
View ArticleMicrosoft Patch Tuesday – November 2013
Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing eight bulletins covering a total of 19 vulnerabilities. Nine of this month's issues are rated...
View ArticleClik here to view.
Instagram Users Compromise Their Own Accounts for Likes
Symantec Security Response has discovered many Instagram users have willingly shared their usernames and passwords to a bot-like app in order to increase likes and followers. Figure 1. InstLike...
View ArticleClik here to view.
Linux Back Door Uses Covert Communication Protocol
In May of this year, sophisticated attackers breached a large Internet hosting provider and gained access to internal administrative systems. The attackers appear to have been after customer record...
View ArticleClik here to view.
Yet Another Zero-Day: Japan Hit with Ichitaro Vulnerability
The security industry, as well as IT administrators across the globe, has been busy recently dealing with multiple zero-day vulnerabilities emerging in quick succession. Before anyone has time to draw...
View ArticleClik here to view.
Cryptolocker Alert: Millions in the UK Targeted in Mass Spam Campaign
Last week, the United Kingdom’s National Crime Agency (NCA) warned that tens of millions of customers were being targeted by the Cryptolocker malware through a mass spam campaign.According to the...
View ArticleClik here to view.
A Personal Farewell to Peter Szor
It was with quite some skepticism that I accepted Peter Szor's invitation to go surfing with him five years ago. I had tried surfing several times before but had been disappointed by the lack of...
View ArticleClik here to view.
Smart Phone Users Face Amalgamation of Phishing and Malware
Contributor: Avdhoot PatilThe internet can be a dangerous place with security threats lurking from every direction, and it gets worse when threats meld together. Phishing today is a major part of...
View Article