14 matches found
1.2 Million Credit Cards Lost in Staples Data Breach
Retailer Staples has confirmed that point-of-sale malware had been used at 115 of its retail locations in the United States and criminals were able to access 1.16 million payment card numbers during a six-month-long intrusion. Staples said it removed the malware in September from the affected...
Matsnu Botnet DGA Builds Domains From List of Nouns, Verbs
Domain generation algorithms have been botmasters’ favorite tool for keeping malware up and running—and for frustrating security researchers and detection technologies. Like malware, DGAs evolve, thus complicating an already tricky cat-and-mouse game between criminals and white hats. The latest i...
Microsoft to Patch IE 10 Zero Day March 2014 Patch Tuesday
Microsoft will patch a lingering zero-day vulnerability in Internet Explorer next Tuesday, one of five bulletins it will release as part of its March 2014 Patch Tuesday security updates. The IE 10 zero-day was disclosed close to a month ago when researchers at FireEye reported on Operation SnowMa...
Microsoft Ships IE 10 Zero Day Fix-It Tool
Microsoft last night released a Fix-It tool as a temporary mitigation for a zero-day vulnerability in Internet Explorer 10 being exploited by two hacker groups against the Veterans of Foreign Wars in the U.S. as well as a French aerospace manufacturer. IE 9 also contains the same use-after free...
Second Group Seen Using IE 10 Zero Day
There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page. The...
XtremeRAT Malware Used in Targeted Attacks Against Israel
Espionage malware used in attacks against Israel, as well as Syrian activists, in the last 18 months has been linked to a new attack against Israel’s Civil Administration, the country’s governing body in the West Bank. Researchers at Seculert reported today that samples of XtremeRAT, a...
DGA Changer Malware Able to Modify Domain-Generation Seed on the Fly
Malware authors have been using domain-generation algorithms for a few years now, often in botnet-related malware that needs to stay one step ahead of takedown attempts and law enforcement agencies. Now, researchers have discovered that a strain of malware that may have been part of the attack in...
'Magic' Espionage Malware Targets UK Computers
Thousands of U.K. business computers have been infected by espionage malware using a custom protocol to communicate with its command and control servers. Researchers at Israeli security company Seculert added that the malware is still percolating with a number of capabilities yet to be deployed...
Java Exploit Linked to Red October Espionage Malware Campaign
Red October, the espionage campaign uncovered by Kaspersky Lab this week after attackers spent five years actively spying on diplomats, scientists, and governments worldwide, is using a Java exploit to infect its victims, bringing the exploit count to four in this campaign. Seculert, an Israeli...
Some Signs Point to Shamoon as Malware in Aramco Attack
While researchers continue to dig into the Shamoon malware, looking for its origins and a complete understanding of its capabilities, a group calling itself the Cutting Sword of Justice is claiming responsibility for an attack on the massive Saudi oil company Aramco, which some experts believe...
New and Improved Madi Spyware Campaign Continues
Madi, the religiously-titled spyware that was discovered last week and thought to be dead, appears to be making a comeback, complete with updates. Kaspersky Lab researcher Nicolas Brulez reverse-engineered the new iteration of the malware, which surfaced on Wednesday. Unlike last week’s original...
Religious 'Madi' Spyware Spies on Critical Infrastructure in Middle East
A new variety of spyware has been targeting users in Iran, Israel and the Middle East for the last eight months according to joint research from Israeli security software firm Seculert and Kaspersky Lab. The new malware is using a variety of odd techniques and misdirection to entice users to...
Aviv Raff on the Evolution of Exploit Kits
In this video, via Kaspersky’s Lab Matters, Ryan Naraine and Seculert’s Aviv Raff discuss the evolution of exploit kits and the recent merger of Spyeye and Zeus...
Carberp Trojan Evolves and Advances
Whatever else is said about malware authors, it’s becoming clearer and clearer of late that they are learning from their mistakes and adapting to new defensive tactics at an increasingly rapid rate. The latest example of this is a recently discovered version of the Carberp malware, which now...