Clik here to view.
Tips For Java Junkies
So, according to our recent poll, only 12% of you don't have Java Runtime Environment (JRE) installed. And the rest of you (88%) are Java junkies to one degree or another.Okay, well, for the 41% of...
View ArticleClik here to view.
Perfecting the Fake - Android Edition
When fake AVs used to take the limelight, their user interface started from pretty-crappy-and-obviously-rogue-AV and ended up with a very convincing design. It took a while for the miscreants to get...
View ArticleClik here to view.
Gameover ZeuS
Excerpted from from our Threat Report H1 2012:In the last year ZeuS has separated into more than one separately developed crimeware families after the source code for version 2.0.8.9 was leaked. An...
View ArticleWorld at 2022
Tom Scott has a pretty accurate prediction of what the World will look like in 2022.YouTube On 05/09/12 At 10:34 PM
View ArticleClik here to view.
Governments Recruiting Backdoor Authors #germany
Just couple of years ago, it would have been unthinkable that governments would be openly recruiting trojan and backdoor developers to work for them.Yet, that's exactly what's happening now.For a...
View ArticleClik here to view.
A Map of Gameover (P2P ZeuS) Variants #Italy
Our back end automation began logging "Gameover" related IP addresses back in May. Gameover is the Peer-to-Peer variant of the ZeuS banking trojan. Last week, we took 3,300+ of the IPs and performed a...
View ArticleClik here to view.
Revolutionary New "Anti-Fishing" Technology
Take a look at this awesome "anti-fishing" tech we've developed:And it works great!@anttitikkanen On 12/09/12 At 10:04 AM
View ArticleClik here to view.
Slapper
Ten years ago, one of the largest Linux worm outbreaks was underway. Known as Slapper, the worm infected Linux machines via an OpenSSL vulnerability. Infected Linux servers were organized into a P2P...
View ArticleClik here to view.
Cosmo The Hacker God
In early August, Wired.com Gadget Lab writer, Mat Honan, experienced an "epic hacking". His own. • How Apple and Amazon Security Flaws Led to My Epic HackingMat's iPhone, Mac, and Google account...
View ArticleClik here to view.
ZeroAccess: We're Gonna Need a Bigger Planet
Some botnets are so big… you can see them from space (or at least, Google Earth).Here's what the ZeroAccess botnet looks like in Europe: Click image for an expanded view (1680x1030).More to follow —...
View ArticleInternet Explorer Zero-Day and Safe Browsing
The people behind the Java zero-day CVE-2012-4681 have been busy. It was only a few weeks ago that the Java vulnerability was made public and now they have again discovered a hole in Internet Explorer...
View ArticleClik here to view.
The United States of ZeroAccess
Monday's post included a screenshot of the ZeroAccess botnet as visualized in Google Earth. Well, we've finished cleaning up the KML file which now includes 139,447 bot locations based on IP addresses...
View ArticleClik here to view.
It's Out of Cycle Patch Friday
As you probably know by now, there's a critical vulnerability in several versions of Microsoft's Internet Explorer.Microsoft Security Advisory (2757760)Microsoft has previously released a "Fix it".And...
View ArticleClik here to view.
Backdoor:OSX/Imuler.B No Likes Wireshark
A new variant of Mac malware — Imuler.B — has recently surfaced. It's pretty much the same as Backdoor:OSX/Imuler.A, but with small changes and code optimizations. The current C&C server is...
View ArticleClik here to view.
A View Inside Our KUL Lab
Here's an iOS 6 panorama view of our lab in Kuala Lumpur (Malaysia) as taken by analyst @raufridzuan, sometime around 6:45 PM.Click image to embiggen.Looks to be at least four people there. Long day…...
View ArticleClik here to view.
Samsung TouchWiz Devices Vulnerable to Mischief
Saw this tweet yesterday on Twitter:The account is a parody… but the "tel:*2767*3855%23" is quite serious.It's a reference to a "vulnerability" which exists on some versions of Samsung Android phones,...
View ArticleClik here to view.
Adobe Cert Used to Sign Malware
Adobe's head of product security, Brad Arkin, published a very interesting post on Thursday.As it turns out, one of Adobe's build servers was compromised and was used to create malicious files with...
View ArticleClik here to view.
CVE-2012-1535 and Nuclear Warheads
Our corporate business team has an upcoming "software updater" feature in our Protection Service which they want to market. So they asked our lab analyst @TimoHirvonen to provide them with an example...
View ArticleClik here to view.
When You're in the Wild with Websites
This StopBadware video by Bluehost is simply too odd not to share:And it offers some decent advice for keeping your website secure. On 02/10/12 At 12:26 PM
View ArticleClik here to view.
WordPress Premium Theme XSS Vulnerability
On Tuesday, we shared a rather silly video which made a serious point about the need to keep websites secure.Unfortunately, limiting potential website vulnerabilities is not exactly intuitive. There's...
View Article