Malware

Keygens and Windows 8

by certifiedbug on May 4, 2013

in Windows OS

msft-mmpc

As we first reported in the Microsoft Security Report Volume 13, Keygens have become the number one threat reported by users of Microsoft antimalware products. The research also indicates that 76 percent of users that downloaded Keygen or software cracks were also exposed to other, more dangerous malware.

Keygens are typically not very dangerous on their own. However, malware authors are having great success using deceptive downloads that either pretend to be Keygens or contain them as well as other malware to spread their malicious payloads. Customers reporting Keygens have higher rates of additional malware infections compared to other threats. Some of these threats try to trick users into paying for software that’s distributed for free from trusted sources.

http://blogs.technet.com/b/mmpc/archive/2013/05/03/windows-8-and-keygens.aspx

Microsoft Security Blog

Today we released the latest volume of the Microsoft Security Intelligence Report (SIR) containing a large body of new data and analysis on the threat landscape. This volume of the SIR includes:

  • Latest industry vulnerability disclosure trends and analysis
  • Latest data and analysis of global vulnerability exploit activity
  • Latest trends and analysis on global malware and potentially unwanted software
  • Latest analysis of threat trends in more than 100 countries/regions around the world
  • Latest data and insights on how attackers are using spam and other email threats
  • Latest global and regional data on malicious websites including phishing sites, malware hosting sites and drive-by download sites

In addition, we have included a section in the report focused on how the threat called Conficker continues to propagate.

http://blogs.technet.com/b/security/archive/2012/04/25/microsoft-security-intelligence-report-volume-12.aspx

Sabpab Mac OS X backdoor Trojan

by certifiedbug on April 13, 2012

in Internet Security

Graham Cluley
Sophos

“The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.”
http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-horse-discovered/

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

Apple

http://support.apple.com/kb/HT5244

Forbes
4/06/2012

For anyone who doubted that Apple’s long grace period with cybercriminals is over, doubt no more: On Friday, researchers at Russian antivirus firm Kaspersky confirmed findings from another security firm earlier this week that more than 600,000 computers running Mac’s OSX are infected with the Flashback botnet, and half of those machines are in the United States.

http://www.forbes.com/sites/andygreenberg/2012/04/06/researchers-confirm-flashback-trojan-infects-600000-macs-being-used-for-clickfraud/

Krebs On Security

The current custodian of Java – Oracle Corp. – first issued an update to plug this flaw and others back on Feb. 17. I suppose Apple’s performance on this front has improved, but its lackadaisical (and often plain puzzling) response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware attacks.

http://krebsonsecurity.com/2012/04/urgent-fix-for-zero-day-mac-java-flaw/

Forbes
4/09/2012
http://www.forbes.com/sites/andygreenberg/2012/04/09/apple-snubs-firm-who-discovered-mac-botnet-tries-to-cut-off-its-server-monitoring-infections/

Kaspersky Lab

“The three month delay in sending a security update was a bad decision on Apple’s part,” said Kaspersky Lab’s Chief Security Expert, Alexander Gostev. “There are a few reasons for this. First, Apple doesn’t allow Oracle to patch Java for Mac. They do it themselves, usually several months later. This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough. Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time! The problem is exacerbated because – up to now – Apple has enjoyed a mythical reputation for being ‘malware free’. Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.”

http://www.kaspersky.com/about/news/virus?time=1333224000

“I was at a party yesterday” spam

March 13, 2012

Malicious spam continues to do the rounds, sent from a random name @ the same domain as your own. Delete it without opening any attachments or links.

AOL Administration Center & Uniform Traffic Ticket Spammed Scams

November 8, 2011

“AOL Administration Center” spam comes from a spoofed email address; this is a classic example of Canadian Pharmacy spam. Full text of the bogus email follows; the # in the subject line changes. From: “AOL Administration Center (R)” To: Subject: AOL Administration Center Notification #73916 Hi, You have 1 notification (#73916) from AOL Administration Center Please [...]

ACH ‘payment canceled’ spam

September 28, 2011

Resurgence of malicious ACH spam; the digit number changes randomly from email to email. Keep your anti-virus application up-to-date, and if the spam does arrive in your email box, don’t click on links within it or open any attachment. The bad guys’ goal is to install a Zbot variant of a password stealing Trojan that also [...]

Microsoft: Rustock Civil Case Closed

September 22, 2011

The Official Microsoft® Blog Rustock Civil Case Closed: Microsoft Refers Criminal Evidence to FBI 22 Sep 2011 As you may have read in this morning’s edition of CNET, on Sept. 13th, Judge James L. Robart, of the U.S. District Court for the Western District of Washington ruled that the domain names and Internet protocol addresses [...]

NYC “Uniform Traffic Ticket” tops spammed malware

August 17, 2011

GarWarner Email attachments that contain malicious code are still being used to infect computers and steal the data found on those computers. While it is easy to find people who discount this threat, believing no one would be foolish enough to open one of these email attachments, the criminals are working hard to make their [...]

eThieves Steal $217k

August 17, 2011

Last month cyber criminals stole $217,000 from the Metropolitan Entertainment & Convention Authority (MECA), a nonprofit organization. Krebs On Security: Lea French, MECA’s chief financial officer, said the trouble began when an employee with access to the organization’s online accounts opened a booby-trapped email attachment containing password-stealing malware. The attackers used MECA’s online banking credentials [...]
