Channel Description:

Internet security threat updates and insights.


    What is Tor? Is it really secure? What about the Apple App Store approval process? Are all these applications really looked at? In today’s episode, Grayson Milbourne covers the exploitation of the Tor network through Firefox and a proof of concept showing just how insecure Apple app testing can be.

    The post [Video] ThreatVlog, Episode 1: Tor and Apple exploits revealed appeared first on Webroot Threat Blog.



    Over the next few days, you will begin to see some changes to the Webroot ThreatBlog.  As the company has grown, so has the need for our threat research to be delivered in a clearer, more concise manner.  We have worked long and hard on the new blog, including adding new content like the ThreatVlog, as well as highlighting the individuals behind all the great threat research done here at Webroot. So with that, we want to welcome you to the brand new Webroot ThreatVlog.  It is more than a URL update, but a whole new look to help you better […]

    The post Changes to the Webroot ThreatBlog appeared first on Webroot Threat Blog.



    In this episode of ThreatVlog, Grayson Milbourne covers the information behind the Syrian Electronic Army’s hacking of New York Times, Twitter, and Huffington Post. Grayson includes a breakdown of the hack as well as information on how to keep your own websites protected from this malicious behavior.

    The post [Video] ThreatVlog, Episode 3: NYT, Twitter, and HuffPost hacked by Syrian Electronic Army appeared first on Webroot Threat Blog.



    Back in June, 2013, we offered a peek inside a DIY Android .apk decompiler/injector that was not only capable of ‘binding’ malicious Android malware to virtually any legitimate app, but also, was developed to work exclusively with a publicly obtainable Android-based trojan horse. In this post, I’ll profile a similar, recently released cybercrime-friendly Windows-based tool that’s capable of generating malicious ‘sensitive information stealing’ Android .apk apps, emphasize its core features, and most importantly, discuss in depth the implications this type of tool could have on the overall state of the Android malware market. More details: Sample screenshots of the malicious […]

    The post DIY malicious Android APK generating ‘sensitive information stealer’ spotted in the wild appeared first on Webroot Threat Blog.



    Over the last couple of days, we’ve intercepted a rather interesting fraudulent approach that’s not just successfully hitting the inboxes of users internationally, but is also popping up as an event on their Android Calendar apps. How is this possible? Fairly simple. Sample screenshot of the fraudulent Google Calendar invitation: Through automatic registration — thanks to the outsourcing of the CAPTCHA solving process — fraudsters are registering thousands of bogus accounts to be later on abused as being part of Google’s Ecosystem, the Calendar feature in particular, which is also automatically syndicated on all Android devices. Therefore, by automating the […]

    The post Scammers pop up in Android’s Calendar App appeared first on Webroot Threat Blog.



    In this episode of ThreatVlog, Nathan Collier covers the old, but still around, SMS Fake Installer, a Russian-based program used to trick phone users into sending premium text messages, costing money to the user. Nathan talks about how these threats work, how this threat is different, and the easiest way to stay protected on your Android-powered phone.

    The post [Video] Episode 4: ThreatVlog SMS Fake Installer tricking Android Users appeared first on Webroot Threat Blog.



    The idea of controlling multiple, high-bandwidth empowered servers for launching DDoS attacks, compared to, for instance, controlling hundreds of thousands of malware-infected hosts, has always tempted cybercriminals to ‘innovate’ and seek pragmatic ‘solutions’ in order to achieve this particular objective. Among the most recent high-profile examples utilizing this server-based DDoS attack tactic is Operation Ababil, or Izz ad-Din al-Qassam a.k.a. Qassam Cyber Fighters attacks against major U.S. financial institutions, where the use of high-bandwidth servers was utilized by the attackers. This indicates that wishful thinking often tends to materialize. In this post, we’ll take a peek inside what appears to […]

    The post Web-based DNS amplification DDoS attack mode supporting PHP script spotted in the wild appeared first on Webroot Threat Blog.



    In a series of blog posts, we’ve been profiling the tactics and DIY tools of novice cybercriminals, whose malicious campaigns tend to largely rely on social engineering techniques, on their way to trick users into thinking that they’ve been exposed to a legitimate Java applet window. These very same malicious Java applets continue representing a popular infection vector among novice cybercriminals, who remain the primary customers of the DIY tools/attack platforms that we’ve been profiling. In this post, I’ll discuss a popular service that’s exclusively offering hosting services for malicious Java applets. Sample screenshot of the service: For a one-time […]

    The post Managed Malicious Java Applets Hosting Service Spotted in the Wild appeared first on Webroot Threat Blog.



    In this episode of ThreatVlog, Tyler Moffitt talks about the 2 million user hack that Vodafone experienced last week, which investigators are saying is an inside job.  He also goes into the arrest of Superhacker out of Argentina, who turned computers into zombies and was able to steal $50,000 a month from users.  And in big news, Grand Theft Auto V was released today, and already torrents are being discovered packed full of malware and phishing schemes.

    The post [Video] Episode 5: Vodafone hacked, Super Hacker arrested, and bad GTAV torrents appeared first on Webroot Threat Blog.



    Affiliate networks are an inseparable part of the cybercrime ecosystem. Largely based on their win-win revenue sharing model, throughout the years, they’ve successfully established themselves as a crucial part of the cybercrime growth model, further ensuring that a cybercriminal will indeed receive a financial incentive for his fraudulent/malicious activities online. From pharmaceutical affiliate networks, iPhone selling affiliate networks, to affiliate networks for pirated music and OEM (Original Equipment Manufacturer) software, cybercriminals continue to professionally monetize each and every aspect of the underground marketplace, on their way to harness the experience, know-how and traffic acquisition capabilities of fellow cybercriminals. In this […]

    The post Affiliate network for mobile malware impersonates Google Play, tricks users into installing premium-rate SMS sending rogue apps appeared first on Webroot Threat Blog.



    We’ve all seen it; maybe it’s on your own computer, or that of a friend, your spouse, child, or parent. Your home page has been changed to some search engine you’ve never heard of, there’s a new, annoying toolbar in your browser. Maybe you’re getting popup ads or have a rogue security product claiming you’re infected and asking you to buy the program to remove the infection. Even worse, you don’t know how it got there! Welcome to the world of Potentially Unwanted Applications (PUAs). Chances are that these programs were inadvertently installed while installing software from sites that use […]

    The post How to avoid unwanted software appeared first on Webroot Threat Blog.



    Opportunistic 419 advance fee scammers are currently using CNN.com’s “Email This” feature to spamvertise Syrian Crisis-themed emails, in an attempt to successfully bypass anti-spam filters, ultimately tricking users into interacting with these fraudulent emails. The emails are just the tip of the iceberg in an ongoing attempt by multiple cybercrime gangs, looking to take advantage of the geopolitical situation (event-based social engineering attack) for fraudulent purposes, who continue spamming tens of thousands of emails impersonating internationally recognized agencies, on their way to socially engineer users into believing the legitimacy of these emails. Sample screenshot of the spamvertised email: This isn’t […]

    The post 419 advance fee fraudsters abuse CNN’s ‘Email This’ Feature, spread Syrian Crisis themed scams appeared first on Webroot Threat Blog.



    For years, cybercriminals have been abusing a rather popular, personally identifiable practice, namely, the activation of an online account for a particular service through SMS, relying on the basic logic that a potential service user would not abuse its ToS (Terms of Service) for fraudulent or malicious purposes. Now that it associates a mobile with the account, the service continues ignoring the fact that SIM cards can be obtained by providing fake IDs, resulting in the increased probability for direct abuse of the service in a fraudulent/malicious fashion. What are cybercriminals up to in terms of anonymous SIM cards these days? Differentiating […]

    The post Cybercriminals offer anonymous mobile numbers for ‘SMS activation’, video tape the destruction of the SIM card on request appeared first on Webroot Threat Blog.



    The general availability of DIY malware generating tools continues to contribute to the growth of the ‘malware-infected hosts as anonymization stepping stones’ Socks4/Socks5/HTTP type of services, with new market entrants entering this largely commoditized market segment on a daily basis. Thanks to the virtually non-attributable campaigns that could be launched through the use of malware-infected hosts, the cybercrime underground continues to seek innovative and efficient ways to integrate the inventories of these services within the market leading fraudulent/malicious campaigns managing/launching tools and platforms. Let’s take a peek at one of the most recently launched services offering automatic access to hundreds of […]

    The post Yet another ‘malware-infected hosts as anonymization stepping stones’ service offering access to hundreds of compromised hosts spotted in the wild appeared first on Webroot Threat Blog.



    Based on historical evidence gathered during some of the major ‘opt-in botnet’ type of crowdsourced DDoS (distributed denial of service) attack campaigns that took place over the last couple of years, the distribution of point’n’click DIY DoS (denial of service attack) tools continues representing a major driving force behind the success of these campaigns. A newly released DIY DoS tool aims to empower technically unsophisticated users with the necessary expertise to launch DDoS attacks by simultaneously utilizing an unlimited number of publicly/commercially obtainable Socks4/Socks5/HTTP-based malware-infected hosts, most commonly known as proxies. Sample screenshot of the DIY DoS (Denial of Service) […]

    The post Cybercriminals experiment with ‘Socks4/Socks5/HTTP’ malware-infected hosts based DIY DoS tool appeared first on Webroot Threat Blog.



    Today’s modern cybercrime ecosystem offers everything a novice cybercriminal would need to quickly catch up with fellow/sophisticated cybercriminals. Segmented and geolocated lists of harvested emails, managed services performing the actual spamming service, as well as DIY undetectable malware generating tools, all result in a steady influx of new (underground) market entrants, whose activities directly contribute to the overall growth of the cybercrime ecosystem. Among the most popular questions the general public often asks in terms of cybercrime, what else, besides money, acts as key driving force behind their malicious and fraudulent activities? That’s plain and simple greed, especially in those […]

    The post Cybercriminals sell access to tens of thousands of malware-infected Russian hosts appeared first on Webroot Threat Blog.



    Cybercriminals are mass mailing tens of thousands of malicious Federal Deposit Insurance Corporation (FDIC) themed emails, in an attempt to trick users into clicking on the client-side exploits serving and malware dropping URLs found in the bogus emails. Let’s dissect the campaign, expose the portfolio of malicious domains using it, provide MD5s for a sample exploit and the dropped malware, as well as connect the campaign with previously launched already profiled malicious campaigns. Sample screenshot of the spamvertised email: Sample redirection chain: hxxp://stranniki-music.ru/insurance.problem.html (62.173.142.30) -> hxxp://www.fdic.gov.horse-mails.net/news/fdic-insurance.php (174.142.186.89; 216.218.208.55; 109.71.136.140; 37.221.163.174; 95.111.32.249) Email: comicmotors@writeme.com Known to have responded to the same IP (174.142.186.89) […]

    The post Spamvertised “FDIC: Your business account” themed emails serve client-side exploits and malware appeared first on Webroot Threat Blog.



    In this episode of the ThreatVlog, Marcus Moreno discusses a new, very malicious form of FBI Ransomware that forces the users of infected machines to look at illegal imagery, taking the scare tactics to the next level. He also discusses a new JavaScript hack that takes over your browser temporarily, attempting to get people to pay for it to be unlocked.

    The post ThreatVlog Episode 6: FBI Ransomware forcing child porn on infected computers appeared first on Webroot Threat Blog.

