Lucene search
K

26 matches found

Talos Blog
Talos Blog
added 2019/11/01 10:31 a.m.312 views

Threat Roundup for October 25 to November 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 25 and Nov. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

10CVSS10AI score0.99999EPSS
Exploits123
Talos Blog
Talos Blog
added 2019/07/08 6:16 a.m.138 views

Threat Roundup for June 21 to June 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 21 and June 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Exploits0
Talos Blog
Talos Blog
added 2019/05/10 7:16 p.m.598 views

Threat Roundup for May 3 to May 10

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 03 and May 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/05/02 2:39 p.m.9 views

Malware Hunter Crawls Internet Looking for RAT C2s

A new crawler released today by Shodan designed to find command and control servers has already unearthed 5,800 controllers for more than 10 remote access Trojan RAT families. The crawler, called Malware Hunter, poses as an infected computer beaconing out to an attacker’s server waiting for...

7.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/01/29 2:25 p.m.92 views

ZeroAccess Returns, Resumes Click-Fraud Activity

Long thought dead, the peer-to-peer P2P ZeroAccess botnet has resurfaced, and as of just a few weeks ago, has returned to propagating click-fraud scams. Researchers with Dell’s SecureWorks revealed Wednesday that they witnessed the botnet restart itself from March 21 to July 2, 2014 and that...

9.3CVSS8.2AI score0.99945EPSS
Exploits33References5
ThreatPost
ThreatPost
added 2013/12/23 12:40 p.m.10 views

Microsoft Says ZeroAccess Click-Fraud Botnet Abandoned

Microsoft is declaring the ZeroAccess botnet dead. Two weeks after obtaining a court order to disrupt the botnet’s ability to carry out click-fraud, assistant general counsel Richard Boscovich of Microsoft’s Digital Crimes Unit said late last week that the botmasters behind ZeroAccess had abandon...

0.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2013/12/09 1:28 p.m.14 views

ZeroAccess Peer To Peer Botnet Takedown Incomplete

Microsoft trumpeted its disruption of the ZeroAccess peer-to-peer botnet late last week, but some experts are holding off on scheduling a celebratory ticker-tape parade. With numerous successful takedowns of botnets with a centralized command and control infrastructure in its back pocket, Microso...

0.1AI score
Exploits0References7
The Hacker News
The Hacker News
added 2013/12/07 4:24 a.m.15 views

Microsoft's Digital Crimes Unit successfully disrupted the ZeroAccess Botnet

None...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/06 10:43 a.m.7 views

microsoft disrupts zeroaccess botnet

Microsoft’s crusade against botnets raged on yesterday as the Redmond, Wash., computer giant and a coalition of law enforcement agencies and Internet security companies disrupted the notorious ZeroAccess botnet. ZeroAccess, or Sirefef as Microsoft likes to call it, is a malware platform that...

0.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/08/12 2:52 p.m.53 views

Counter.php Redirecting to Sites Peddling Styx Exploit Kit

The Counter.php strain of malware has been spotted in the past redirecting users to a handful of malicious sites and now appears to be leveraging that ability to send victims to websites serving up the Styx exploit kit. According to a post on Securelist today, Vincente Diaz, a researcher with...

10CVSS0.4AI score0.97612EPSS
Exploits67References4
ThreatPost
ThreatPost
added 2013/06/19 4:5 p.m.63 views

65 Sites Compromised in ZeroAccess Trojan Attacks

As many as 65 websites have been compromised in an attack that has snared another Washington, D.C.-area media website as well as a number of travel and leisure sites. While the sites aren’t topically related, they’re all hosting advertisements injected with malicious code hosted on...

10CVSS5.4AI score0.85882EPSS
Exploits16References4
ThreatPost
ThreatPost
added 2013/06/10 4:17 p.m.89 views

Free Beacon Article Redirects to ZeroAccess Rootkit, Fake AV

Update: Aaron Harison, president of the Center for American Freedom, told Threatpost this morning that the issue has been resolved and the site is no longer serving malware. Hackers have latched on to the NSA surveillance story—literally. A news story on the outing of whistleblower Edward Snowden...

10CVSS1.6AI score0.97612EPSS
Exploits64References4
ThreatPost
ThreatPost
added 2013/05/31 2:15 p.m.29 views

Peer-to-Peer Botnet Takedowns a Challenge

The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/05/21 12:56 p.m.20 views

Click-Fraud Falls as Microsoft Fights ZeroAccess Malware

Microsoft said actions it has taken to stymie the ZeroAccess malware have resulted in a drop off in click-fraud traffic. Microsoft Malware Protection Center researchers Tommy Blizard and Nikola Livic made the observation based on a precipitous drop-off in click-traffic on Microsoft’s extended...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/04/30 8:2 p.m.11 views

More Malware Showing Up as Fake SourceForge Web Sites

Malware developers continue to clone SourceForge Web sites that appear to offer the source code for popular gaming software but are actually peddling malicious code tied to the ZeroAccess Trojan. Julien Sobrier, a security researcher for San Jose-based cloud security provider Zscaler, on Tuesday...

7.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2012/10/30 7:39 p.m.11 views

ZeroAccess Botnet Cashing in on Click Fraud and Bitcoin Mining

A mid-year switch in communication protocol and distribution strategy is behind a spike in activity from the ZeroAccess botnet, a prolific and malicious ad click fraud network. Researchers at Kindsight Security Lab reported today that ZeroAccess accounts for 29 percent of home network infections ...

7.7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2012/10/23 2:33 a.m.19 views

Report: 'Aggressive Adware' More Prevalent Among Android Malware

A new report from Trend Micro showed a 483 percent jump in malware — including “aggressive adware” that harvests person data without permission using legitimate ad networks. It’s no surprise that the open nature of the Android platform makes it a magnet for malware, but the type of malware becomi...

0.1AI score
Exploits0References2
The Hacker News
The Hacker News
added 2012/09/19 5:52 p.m.5 views

9 million PCs infected with ZeroAccess botnet

In recent months, we've seen the rootkit family Win32/Sirefef and Win64/Sirefef also known as ZeroAccess Botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally. Before, disclosed that it creates its own hidden...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2012/07/20 2:52 a.m.8 views

Report: Bandwith-Burning Malware Among Biggest Consumer Threats

A new malware report indicates Android malware samples grew three-fold last quarter and that one in every 140 devices connected to mobile networks was infected at some point. Closer to home, about 14 percent of household networks were hit by malware this spring, with a 50 percent increase in...

0.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2011/11/02 4:19 p.m.18 views

Blackhole Exploit Kit attack on WampServer & Wordpress sites

Blackhole Exploit Kit attack on WampServer & Wordpress sites Kimberly from Stopmalvertising found Blackhole Exploit Kit on Website of most popular Webserver software site WAMPSERVER. Almost at the bottom of the webpage they notice a Javascript requesting a file from jquery.googlecode.com. The URL...

7.2AI score
Exploits0
Rows per page
Query Builder