Clik here to view.
FBI: Operation Ghost Click
A US court has indicted seven men (6 Estonians and 1 Russian) as part of the US Federal Bureau of Investigation's Operation Ghost Click. Estonian authorities have made 6 arrests, the Russian defendant...
View ArticleClik here to view.
Malware Signed With a Governmental Signing Key
Certificates and CAs continue to be a hot topic (think Stuxnet, Duqu, Comodogate, Diginotar, et cetera).Every now and then we run into malware that has been signed with a code signing certificate....
View ArticleClik here to view.
Another Cousin of Spitmo: SymbOS/ConBot
Analysts on our Threat Research team recently discovered OpFake, a premium rate SMS trojan that shares code with Spitmo. And this week, our automation flagged a new sample. The guys have completed...
View ArticleClik here to view.
Duqu: Questions and Answers
Due to its complexity, case Duqu is challenging to understand. Here are some questions and answers that we hope will help.Q: What is Duqu?A: Because of the news and ongoing developments surrounding...
View ArticleClik here to view.
Backdoor:OSX/Tsunami.A
Our description for Backdoor:OSX/Tsunami.A is now online. Tsunami is a Mac OS X backdoor with bot functionality.The bot is capable of participating in DDoS attacks, and in fact, one variant attempts...
View ArticleClik here to view.
Trojan:SymbOS/OpFake.A
Here's the technical analysis related to yesterday's post on Trojan:SymbOS/OpFake.A.OpFake.A arrives as a supposed Opera Mini updater using file names such as OperaUpdater.sisx and Update6.1.sisx. The...
View ArticleOpFake: Premium Rate SMS Trojan That Shares Code w/ Spitmo
One of the more interesting cases we've analyzed this year is Spitmo, short for SpyEye in the mobile.When some versions of SpyEye, an infamous banking trojan, encounter mTANs, a mobile-based defense...
View ArticleClik here to view.
Laptop Stickers 2011/2012
Time for another Laptop Stickers contest! See here, here, here, here, here and here (lots o' links) for past examples.We started collecting suggestions on our F-Secure Community pages and from Twitter...
View ArticleClik here to view.
Duqu Attack's Installer Discovered
Hungarian security firm CrySyS Lab has located the installer for Duqu, which is now well known for its connection to the infamous Stuxnet. The installer arrived via e-mail as a document which then...
View ArticleClik here to view.
Backdoor:OSX/DevilRobber.A
We recently analyzed DevilRobber.A, a Mac OS X malware that has both backdoor and trojan-like capabilities. All the samples we've collected so far were from torrents uploaded by a single user account...
View ArticleClik here to view.
DevilRobber Gets An Updated Version
We found an updated version of Backdoor:OSX/DevilRobber, which we posted about earlier.The updated version uses the same technique as its predecessor to disguise itself as a legitimate application,...
View ArticleClik here to view.
Busy, Busy "Anonymous"
The Internet Collective known as Anonymous had a busy "Guy Fawkes Weekend".Here are a few highlights on their recent activities.Mexico: OpCartel is nixed. Anonymous claims the Zetas, a very dangerous...
View ArticleClik here to view.
Running Windows Server 2008? Patch.
This month's Microsoft Updates includes an interesting vulnerability:Microsoft Security Bulletin MS11-083"This security update resolves a privately reported vulnerability in Microsoft Windows. The...
View ArticleClik here to view.
DroidKungFu Utilizes an Update Attack
We did a quick post yesterday about a DroidKungfu sample that appeared to use a novel infection vector.Now, as promised, more technical details.The application we've been analyzing is called...
View ArticleClik here to view.
Happy Thanksgiving, "Alpha Geeks"
Yesterday, CIO's Constantine von Hoffman published a post titled "IT Security News Sources to be Thankful for" and we would like to thank him for a very amusing shout-out.Constantine, we wish your son...
View ArticleClik here to view.
Mikko @ TEDxBrussels
Mikko presented at TEDxBrussels this week.A video is available here:Additional videos and interviews are available on our YouTube channel. On 25/11/11 At 10:51 AM
View ArticleClik here to view.
FP's Top 100 Global Thinkers
Foreign Policy magazine annually publishes a list of "Top 100 Global Thinkers". In previous years, people such as Carl Bildt, Angela Merkel, Liu Xiaobo, and Tarja Halonen have been on the list.The...
View ArticleClik here to view.
Laptop Stickers 2011/2012
There's only a couple of more days to submit a suggestion to our Community's Laptop Sticker Contest.Here's some of the suggestions we've received via Twitter.You have until Monday to contribute. If...
View ArticleClik here to view.
Q&A with @mikko and @FSLabsAdvisor (Sean)
F-Secure's Community Manager, Ania, asked Mikko and I to take part in a Q&A week. And so, this week, from December 5th to the 9th, we'll be answering questions in our Community forums.Disclaimer:...
View ArticleClik here to view.
Trade Fair... For Trojans
Trojans, backdoors, keyloggers and eavesdropping is used by online criminals. The same techniques are also used by governments. Some government do this to spy on their own people or to find...
View Article