Attackers circumvent patch for Windows Sandworm vulnerability
Attackers continue to take advantage of the Sandworm vulnerability by using an exploit that bypasses its patch to send compromised PowerPoint documents as email attachments.Read more...
View ArticleScammers pose as company execs in wire transfer spam campaign
Innocent-looking payment requests could result in financial loss for companies as finance department employees targeted with fraudulent emails.Read more...
View ArticleTrojan.Poweliks: A threat inside the system registry
Trojan.Poweliks is a unique threat because it is located in a registry key on compromised computers.Read more...
View ArticleClik here to view.
Spin.com visitors served malware instead of music
Compromised site sent visitors to Rig exploit kit to infect them with a range of malware including Infostealer.Dyranges and Trojan.Zbot. On October 27, while tracking exploit kits (EKs) and infected...
View ArticleClik here to view.
OSX.Wirelurker: Avoid pirated Mac OS X applications, untrusted Apple computers
WireLurker can be used to steal information from compromised iOS devices. Symantec Security Response is currently investigating OSX.Wirelurker, a threat that targets Apple computers running Mac OS X...
View ArticleClik here to view.
When tech support scams meet Ransomlock
A technical-support phone scam uses Trojan.Ransomlock.AM to lock the user’s computer and trick them into calling a technical help phone number to resolve the issue. What’s true for businesses is also...
View ArticleClik here to view.
Countdown to Zero Day—Did Stuxnet escape from Natanz?
Symantec's analysis on the Stuxnet worm features in new Kim Zetter book. Today, Kim Zetter released her book, “Countdown to Zero Day”. The book recounts the story of Stuxnet’s attempt to sabotage...
View ArticleClik here to view.
Microsoft Patch Tuesday – November 2014
This month the vendor is releasing fourteen bulletins covering a total of 33 vulnerabilities. Fourteen of this month's issues are rated ’Critical’. Hello, welcome to this month's blog on the Microsoft...
View ArticleClik here to view.
Operation CloudyOmega: Ichitaro zero-day and ongoing cyberespionage campaign...
The campaign was launched by an attack group that has communication channels with other notorious attack groups including Hidden Lynx and the group responsible for LadyBoyle. JustSystems has issued an...
View ArticleClik here to view.
The four most important online security events of 2014
From major vulnerabilities to cyberespionage, Symantec looks at what the past year has brought and what it means for the future. With such an array of security incidents in 2014—from large-scale data...
View ArticleClik here to view.
Annual G20 summit is attractive target for Flea attack group
Attackers attempt to steal information from targeted officials through spear-phishing emails. Each year, as world leaders come together to discuss a variety of global economic issues at the G20...
View ArticleClik here to view.
POS malware: Potent threat remains for retailers
The retail industry continues to be a low-hanging fruit for attackers and attacks are likely to continue until the full transition to more secure payment technologies. Twitter Card Style: summary As...
View ArticleClik here to view.
Regin: Top-tier espionage tool enables stealthy surveillance
An advanced spying tool, Regin displays a degree of technical competence rarely seen and has been used in spying operations against governments, infrastructure operators, businesses, researchers, and...
View ArticleClik here to view.
DroidJack RAT: A tale of how budding entrepreneurism can turn to cybercrime
See how Android.Sandorat, a multi-featured mobile crimeware tool, began life as a legitimate Android app. Twitter Card Style: summary Small-scale mobile app software entrepreneurship has been...
View ArticleClik here to view.
Smart security for today's smart homes: Don't let attackers spoil your Christmas
Many smart home solutions contain flaws that could allow attackers to access your network and potentially compromise your home’s security. Twitter Card Style: summary Contributor: Mario BallanoWith...
View ArticleClik here to view.
Destover: Destructive malware has links to attacks on South Korea
Some samples of Destover share a C&C server with Volgmer and also share similarities with Jokra and Shamoon. Twitter Card Style: summary Backdoor.Destover, the destructive malware that was the...
View ArticleClik here to view.
Mind the gap: Are air-gapped systems safe from breaches?
Recent research has suggested several ways air-gapped networks could be compromised, but how realistic are these attack scenarios? Twitter Card Style: summary Contributor:Candid WueestIndustries that...
View ArticleClik here to view.
Microsoft Patch Tuesday – December 2014
This month the vendor is releasing seven bulletins covering a total of 24 vulnerabilities. Thirteen of this month's issues are rated 'Critical'. Twitter Card Style: summary Hello, welcome to this...
View ArticleClik here to view.
Underground black market: Thriving trade in stolen data, malware, and attack...
The underground market is still booming after recent major data breaches. The price of stolen email accounts has dropped substantially, but the value of other illegal goods and services has remained...
View ArticleClik here to view.
TorLocker ransomware variant designed to target Japanese users
New file-encrypting ransomware variant is the first to specifically target Japanese users.Read More
View Article