Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


Channel Description:

Internet security threat updates and insights.

older | 1 | .... | 6 | 7 | (Page 8) | 9 | 10 | .... | 40 | newer

    0 0

    By Dancho Danchev Kindle owners, watch what you click on! Cybercriminals are currently attempting to trick Kindle owners into thinking that they’ve received a receipt from an E-book purchase from Amazon.com. In reality, when users click on any of the links found in the malicious emails, they’re automatically exposed to the  client-side exploits served by [...]

    ddanchevEmail_Spam_Exploits_Malware_Amazon_Kindle_Ebook_Receipt_Black_Hole_Exploit_KitddanchevEmail_Spam_Exploits_Malware_Amazon_Kindle_Ebook_Receipt_Black_Hole_Exploit_Kit

    0 0

    by Armando Orozco Recently, two applications designed with malicious intent were discovered within the Google Play application store.  The apps were built with a façade of being utility cleaners designed to help optimize Android-powered phones, but in reality, both apps had code built in designed to copy private files, including photos, and submit them to [...]

    armandoorozcoSick AndroidarmandoorozcoSick Android

    0 0

    By Dancho Danchev What are cybercrime-facilitating programmers up to when they’re not busy fulfilling custom orders? Releasing DIY (do-it-yourself) user-friendly tools allowing anyone an easy entry into the world of cybercrime, and securing their revenue streams thanks to the active advertisements of these tools across closed cybercrime-friendly Web communities. In this post, I’ll profile a recently advertised [...]

    ddanchevDIY_Botnet_Malware_Mexico_CybercrimeDIY_Botnet_Malware_Mexico_Cybercrime_01DIY_Botnet_Malware_Mexico_Cybercrime_02DIY_Botnet_Malware_Mexico_Cybercrime_03DIY_Botnet_Malware_Mexico_Cybercrime_04ddanchevDIY_Botnet_Malware_Mexico_CybercrimeDIY_Botnet_Malware_Mexico_Cybercrime_01DIY_Botnet_Malware_Mexico_Cybercrime_02DIY_Botnet_Malware_Mexico_Cybercrime_03DIY_Botnet_Malware_Mexico_Cybercrime_04

    0 0

    By Dancho Danchev Need a good reason not to connect to the public Web with your phone? Wonder where all that SMS spam is coming from? Keep reading. Mobile phone spammers have recently released a new version of a well known phone number harvesting tool, whose main objective is to crawl the public Web and index mobile [...]

    ddanchevDIY_Phone_Harvesting_Tool_Russia_UkraineDIY_Phone_Harvesting_Tool_Russia_Ukraine_01DIY_Phone_Harvesting_Tool_Russia_Ukraine_02DIY_Phone_Harvesting_Tool_Russia_Ukraine_03DIY_Phone_Harvesting_Tool_Russia_Ukraine_04ddanchevDIY_Phone_Harvesting_Tool_Russia_UkraineDIY_Phone_Harvesting_Tool_Russia_Ukraine_01DIY_Phone_Harvesting_Tool_Russia_Ukraine_02DIY_Phone_Harvesting_Tool_Russia_Ukraine_03DIY_Phone_Harvesting_Tool_Russia_Ukraine_04

    0 0

    By Dancho Danchev Thanks to the success of multiple botnet aggregating malicious campaigns launched in the wild, cybercriminals are launching malware-infected-hosts — also known as loads — as a service type of underground market propositions, in an attempt to monetize the botnet’s infected population by selling “partitioned” access to it. How much does it cost [...]

    ddanchevMalware_Infected_Hosts_Hacked_PCs_For_SaleddanchevMalware_Infected_Hosts_Hacked_PCs_For_Sale

    0 0

    By Dancho Danchev Throughout the past year, we observed an increase in the availability of malicious (DIY) tools and services that were once exclusively targeting sophisticated cybercriminals, often operating within invite-only cybercrime-friendly Web communities. This development is a clear indication that the business models behind these tools and services cannot scale, and in order to ensure [...]

    ddanchevPhone_Ring_Flood_Managed_ServicePhone_Ring_Flood_Managed_Service_SiteddanchevPhone_Ring_Flood_Managed_ServicePhone_Ring_Flood_Managed_Service_Site

    0 0

    By Dancho Danchev Cybercriminals are currently spamvertising two separate campaigns, impersonating Facebook Inc., in an attempt to trick its users into thinking that their Facebook account has been disabled. What these two campaigns have in common is the fact that the client-side exploits serving domains are both parked on the same IP. Once users click on [...]

    ddanchevEmail_Spam_Facebook_Account_Blocked_Disabled_Exploits_Malware_Black_Hole_Exploit_KitddanchevEmail_Spam_Facebook_Account_Blocked_Disabled_Exploits_Malware_Black_Hole_Exploit_Kit

    0 0

    By Dancho Danchev Its tax season and cybercriminals are mass mailing tens of thousands of IRS (Internal Revenue Service) themed emails in an attempt  to trick users into thinking that their income tax refund has been “turned down”. Once users click on any of the links found in the malicious emails, they’re automatically exposed to [...]

    ddanchevIRS_Income_Tax_Appeal_Spam_Email_Malware_Black_Hole_Exploit_KitddanchevIRS_Income_Tax_Appeal_Spam_Email_Malware_Black_Hole_Exploit_Kit

    0 0

    By Dancho Danchev We’ve recently intercepted a localized — to Bulgarian — malware campaign, that’s propagating through Facebook Wall posts. Basically, a malware-infected user would unknowingly post a link+enticing message, in this case “Check it out!“, on their friend’s Walls, in an attempt to abuse their trusted relationship and provoke them to click on the [...]

    ddanchevFacebook_Wall_Spam_Malware_LinksddanchevFacebook_Wall_Spam_Malware_Links

    0 0

    By Dancho Danchev Over the last couple of days, we’ve been monitoring a persistent attempt to infect tens of thousands of users with malware through a systematic rotation of multiple social engineering themes. What all of these campaigns have in common is the fact that they all share the same malicious infrastructure. Let’s profile one [...]

    ddanchevEmail_Spam_Malware_Exploits_Wire_Transfer_Fake_Black_Hole_Exploit_KitddanchevEmail_Spam_Malware_Exploits_Wire_Transfer_Fake_Black_Hole_Exploit_Kit

    0 0

    By Dancho Danchev On a daily basis, largely thanks to the efficiency-centered malicious campaigns circulating in the wild, cybercriminals get access to tens of thousands of accounting credentials across multiple Web properties, and most disturbingly, online payment processing services like PayPal. We’ve recently spotted a newly launched underground E-shop that’s exclusively selling access to hacked [...]

    ddanchevPayPal_Hacked_Accounts_For_Sale_ShopPayPal_Hacked_Accounts_For_Sale_Shop_01PayPal_Hacked_Accounts_For_Sale_Shop_02PayPal_Hacked_Accounts_For_Sale_Shop_03PayPal_Hacked_Accounts_For_Sale_Shop_04ddanchevPayPal_Hacked_Accounts_For_Sale_ShopPayPal_Hacked_Accounts_For_Sale_Shop_01PayPal_Hacked_Accounts_For_Sale_Shop_02PayPal_Hacked_Accounts_For_Sale_Shop_03PayPal_Hacked_Accounts_For_Sale_Shop_04

    0 0

    By Dancho Danchev On a periodic basis, cybercriminals are spamvertising malicious campaigns impersonating Verizon Wireless to tens of thousands of Verizon customers across the globe in an attempt to trick them into interacting with the fake emails. Throughout 2012, we intercepted two campaigns pretending to come from the company, followed by another campaign intercepted last month. This tactic largely relies [...]

    ddanchevVerizon_Wireless_Statement_Fake_Email_Spam_Exploits_Malware_Black_Hole_Exploit_KitddanchevVerizon_Wireless_Statement_Fake_Email_Spam_Exploits_Malware_Black_Hole_Exploit_Kit

    0 0

    By Dancho Danchev Just how easy is it to generate an undetected piece of malware these days? Too easy to be true, largely thanks to the rise of managed crypting services, and the re-emergence of the DIY (do it yourself) trend within the entire cybercrime ecosystem. With hundreds of thousands of new malware variants processed [...]

    ddanchevMalware_Crypting_as_a_Web_ServiceddanchevMalware_Crypting_as_a_Web_Service

    0 0

    The mobile landscape has boomed in the last couple of years mostly in part because of Android devices and social networking. This has opened the door for everyone to have access to a smartphone and have the cyber world at their fingertips. Smartphones have become an extension of us, and we now have our email, [...]

    mobilesecurityarmandoorozcomobilesecuritymobilesecurityarmandoorozcomobilesecurity

    0 0

    By Dancho Danchev A cybercriminal/gang of cybercriminals that we’ve been closely monitoring for a while now has just launched yet another spam campaign, this time impersonating the “Data Processing Service” company, in an attempt to trick its customers into interacting with the malicious emails. Once they do so, they are automatically exposed to the client-side [...]

    ddanchevFake_Email_Spam_Exploits_Malware_Black_Hole_Exploit_Kit_Data_Processing_Service_ACHddanchevFake_Email_Spam_Exploits_Malware_Black_Hole_Exploit_Kit_Data_Processing_Service_ACH

    0 0

    By Dancho Danchev Have you ever received a blank call, and no one was on the other side of the line? What about a similar blank SMS received through your mobile carrier’s Mail2SMS gateway? There’s a high probability that it was a mobile spammer who’s automatically and efficiently verifying the validity of a recently harvested database [...]

    ddanchevMobile_Spam_Number_Verification_USB_ModemMobile_Spam_Number_Verification_USB_Modem_01Mobile_Spam_Number_Verification_USB_Modem_02Mobile_Spam_Number_Verification_USB_Modem_SIPMobile_Spam_Number_Verification_USB_Modem_SIP_01Mobile_Spam_Number_Verification_USB_Modem_SIP_02ddanchevMobile_Spam_Number_Verification_USB_ModemMobile_Spam_Number_Verification_USB_Modem_01Mobile_Spam_Number_Verification_USB_Modem_02Mobile_Spam_Number_Verification_USB_Modem_SIPMobile_Spam_Number_Verification_USB_Modem_SIP_01Mobile_Spam_Number_Verification_USB_Modem_SIP_02

    0 0

    By Dancho Danchev Earlier this month, we profiled and exposed a newly launched underground service offering access to tens of thousands of malware-infected hosts, with an emphasis on the fact that U.S.-based hosts were relatively more expensive to acquire, largely due to the fact that U.S.-based users are known to have a higher online purchasing [...]

    ddanchevMalware_Infected_Hosts_as_a_Service_International_Europe_USAddanchevMalware_Infected_Hosts_as_a_Service_International_Europe_USA

    0 0

    On Wednesday, February 27th, Webroot threat researchers Grayson Milbourne and Armando Orozco presented at the RSA Conference in San Francisco.  Their topic, Android Malware Exposed – An In-depth Look at its Evolution, is an expansion on their previous year’s presentation, highlighting the severity of the Android malware growth.  Focusing on the history of operating system [...]

    rmelick20132-28-2013 11-38-16 AM2-28-2013 11-38-39 AM2-28-2013 1-44-05 PMrmelick20132-28-2013 11-38-16 AM2-28-2013 11-38-39 AM2-28-2013 1-44-05 PM

    0 0

    By Dancho Danchev Thanks to basic disruptive factors like standardization, DIY (do it yourself) underground market releases, Cybercrime-as-a-Service ”value added” propositions, efficiency-centered client-side exploitation process, QA (Quality Assurance), and adaptation to the ubiquitous endpoint protection mechanisms, such as for instance, signatures-based antivirus scanning, the cybercrime ecosystem is currently enjoying the monetary joys of its mature state. In this post, I’ll profile a recently advertised [...]

    ddanchevDIY_DDoS_Bot_Botnet_IRCddanchevDIY_DDoS_Bot_Botnet_IRC

    0 0

    By Dancho Danchev Yesterday, a relatively unknown group of cybercriminals publicly announced the availability of a new Web malware exploitation kit. What’s so special about it is the fact that its current version is entirely based on Java exploits (CVE-2012-1723 and CVE-2013-0431), naturally, with “more exploits to be introduced any time soon”. Let’s take a [...]

    ddanchevWeb_Malware_Exploitation_Kit_Statistics_LoadsddanchevWeb_Malware_Exploitation_Kit_Statistics_Loads

older | 1 | .... | 6 | 7 | (Page 8) | 9 | 10 | .... | 40 | newer