100 matches found
Large-Scale Water Holing Attack Campaigns Hitting Key Targets
A new APT-style espionage campaign launched this summer targeting organizations tied to financial services, government agencies and the defense industry used a technique dubbed water holing to entice victims and silently redirect them to sites hosting zero-day exploits. Researchers at RSA Securit...
Alleged Mariposa Botmaster in Court
One of the men authorities allege to have been behind the massive–and now dead–Mariposa botnet, has gone on trial in Slovenia, more than two years after the initial arrests and takedown of the network. Mariposa was one of the first handful of botnets that authorities and security researchers work...
Attackers Can Use 'Self-Destruct' Feature to Kill Flame
The attackers behind Flame can easily clean up compromised computers, according to research by security firm Symantec who found that some attackers have been able to use command-and-control C&C servers to completely remove the malware from certain machines. According to a post on Symantec’s...
Tiny New Tinba Banker Trojan Found Stealing Financial Data
Security researchers have discovered a tiny new banking Trojan that comprises just 20 KB of code and uses a number of well-word man-in-the-browser tricks in an attempt to defeat two-factor authentication. Known as Tinba, the new malware doesn’t bother with any encryption or packing and yet is...
Apple, Following Microsoft's Lead, Plans to Disable Flashback Botnet
Apple, which usually doesn’t get involved much in security issues outside of issuing patches when needed, said it is working with internet service providers around the world to disable the Flashback botnet’s command and control servers. Flashback exploits a security flaw in Java, Apple explains,...
Flashback Mac Trojan Hits More than 500K Machines
The Flashback Trojan that has been infecting Mac OSX machines of late appears to have become the most successful piece of Mac-based malware in the short history of such things. Researchers say that there have been upwards of 500,000 Macs infected by the malware, and that number may still rise...
Chinese Trojans Gh0stRAT used to attack pro-Tibet organisations
Chinese Trojans Gh0stRAT used to attack pro-Tibet organisations AlienVault has discovered a range of spear phishing attacks taking place against a number of Tibetan organizations apparently from Chinese attackers. The security firm believes that the attacks are originating from the same Chinese...
Microsoft Takes Down Kelihos Botnet
Continuing its legal assault on botnet operators and the hosting companies that the criminals use for their activities, Microsoft has announced new actions against a group of people it contends are responsible for the operation of the Kelihos botnet. The company has also helped to take down the...
TDSS rootkit infects 1.5 million US computers
TDSS rootkit infects 1.5 million US computers Millions of PCs around the world infected by the dangerous TDSS 'super-malware' rootkit as part of a campaign to build a giant new botnet. The report is presented by researchers from security firm Kaspersky Lab. TDSS also known as 'TDL' and sometimes ...
FBI Begins Purging Coreflood Infected PCs
The FBI has issued some 19,000 uninstall commands to the computers of 24 individuals infected by the Coreflood botnet, effectively purging their machines of that malware, and leaving behind no unintended consequences thus far according to a report from Brian Krebs. This move was made possible by...
FBI cracks International Bot Network !
FBI cracks International Bot Network ! The Department of Justice and FBI declared that it has cracked a network of hackers, who have infected almost 2 million computers with a harmful "bot" program, Coreflood that steals private and monetary data from computers. Identified as a "bot" network- as...
Report Describes Far-Flung Chinese Cyber Espionage Against U.S. Government
The massive campaign of cyber intrusions of U.S. government Web sites by China’s People’s Liberation Army PLA now has a name: “Byzantine Hades,” according to a report Thursday by Reuters. The report says that China has gained the upper hand over the U.S. in the arena of cyberwarfare, developing a...
DOJ Shuts Down Botnet, Disables Infected Systems
The U.S. Department of Justice and the FBI said on Wednesday that they had taken actions to disable an international botnet of more than two million infected computers that was stealing corporate data including user names, passwords and financial information. Thirteen unnamed “John Doe” defendent...
Report: Rustock Operators or Operator
A Krebsonsecurity piece looks into the unknown party behind the Rustock botnet, and whether it may have been operated by just one person. By interviewing investigators involved in the takedown, a joint operation carried out by Microsoft, FireEye, and various law enforcement agencies, Krebs...
Reports: Rustock Born in the USA
U.S. hosting firms accounted for the bulk of the command and control centers for the Rustock botnet, with many firms claiming that they had no idea they were harboring an illegal criminal network on their infrastructure, according to a story in Krebsonsecurity.com. Threatpost reported last week...
Darkshell Botnets Targeting Chinese Manufacturers With DDoS Attacks
Researchers are tracking a new bot that originated in China and is being used by various associated botnets that are hammering away with DDoS attacks aimed at several dozen targets around the world, including a number of telecom companies and specialized manufacturers. The piece of malware behind...
'SMS of Death' Attacks Can Crash the Simplest of Phones
Malicious text messages can crash many types of mobile phones, including devices by Samsung, Sony Ericsson, Motorola and LG, according to a presentation given at the Chaos Communication Congress hacking conference this week in Berlin. Nicknamed ‘SMS of Death,’ the attacks were outlined by Collin...
New Malware Murofet Following Conficker's Lead
It’s been a blissful few months since Conficker last reared its over-hyped head, but now there’s a new piece of malware that is adopting some of the tactics that Conficker used. The malware, known as Murofet, is using Conficker’s technique of generating thousands of new domains for updates every...
Some Pushdo Variants Resuming Spam Operations
A few days after the majority of the command-and-control servers belonging to one of the variants of the Pushdo botnet were taken offline, some researchers say that there are indications that portions of the botnet are back to their old tricks, downloading new spam templates for a resumption of...
Waledac Botnet Now Completely Crippled, Experts Say
After Microsoft’s actions to take down the Waledac botnet last month, there was some question about whether the operation was much more than a grab for headlines that would have little effect on actual spam levels or malware infections. But more than three weeks after the takedown, researchers sa...