Spamvertised ‘Image has been sent’ Evernote themed campaign serves...
Cybercriminals continue to populate their botnets, with new infected hosts, through the persistent and systematic spamvertising of tens of thousands of fake emails which impersonate popular and well...
Spamvertised ‘You received a new message from Skype voicemail service’ themed...
We’ve just intercepted a currently circulating malicious spam campaign that’s attempting to trick potential botnet victims into thinking that they’ve received a legitimate Voice Message Notification...
Can Security Survive in an Increasingly Insecure World?
2013 was not a good year in terms of cyber security. Despite companies spending an increasingly significant percent of revenue on security technology – systems designed to thwart, detect and prevent...
Deceptive ads expose users to PUA.InstallBrain/PC Performer PUA (Potentially...
Deceptive ads continue to represent the primary distribution vector for the vast majority of Potentially Unwanted Applications (PUAs) that we track. Primarily relying on ‘visual social engineering’...
Solving the mystery of incidence response
The threat landscape today is very different from a few years ago. With an increasingly creative number of threat vectors through which to launch an attack, it has never been more challenging to secure...
Managed Web-based 300 GB/s capable DNS amplification enabled malware bot...
Opportunistic cybercriminals continue ‘innovating’ through the systematic release of DIY (do-it-yourself), Web-based, botnet/malware generating tools, seeking to monetize their coding ‘know-how’ and...
Commercial Windows-based compromised Web shells management application...
Sticking to good old fashioned TTPs (tactics, techniques and procedures), cybercriminals continue mixing purely malicious infrastructures with legitimate ones, for the purpose of abusing the clean IP...
Multiple spamvertised bogus online casino themed campaigns intercepted in the...
Regular readers of Webroot’s Threat Blog are familiar with our series of posts detailing the proliferation of social engineering driven, privacy-violating campaigns serving W32/Casino variants. Relying...
SXSW Apps Exposed Panel Re-cap (#MobileRisk)
Security and privacy were hot topics at this year’s SXSW Interactive festival, and deservingly so. While at the event in Austin, I had the pleasure of participating on a panel discussing malicious...
5M+ harvested Russian mobile numbers service exposes fraudulent infrastructure
Cybercriminals continue adapting to the exponential penetration of mobile devices through the systematic release of DIY (do-it-yourself) mobile number harvesting tools, successfully setting up the...
#SXSW 2014 and the future of digital security
Security and privacy were hot topics at this year’s SXSW Interactive festival, and deservingly so. While at the event in Austin, Grayson Milbourne had the pleasure of participating on a panel...
Socks4/Socks5 enabled hosts as a service introduces affiliate network based...
Thanks to the commercial and public availability of DIY (do-it-yourself) modular malware/botnet generating tools, the diverse market segment for Web malware exploitation kits, as well as traffic...
A peek inside a modular, Tor C&C enabled, Bitcoin mining malware bot
Cybercriminals continue to maliciously ‘innovate’, further confirming the TTP (tactics, techniques and procedure) observations we made in our Cybercrime Trends – 2013 assessment back in December, 2013,...
Managed anti-forensics IMEI modification services fuel growth in the...
Everyday cybercriminals actively take advantage of basic OPSEC (Operational Security) tactics, aiming to risk-forward their fraudulent/malicious online activity to a third-party, while continuously...
Commercially available database of 52M+ ccTLD zone transfer domains spotted...
For years, cybercriminals have been building ‘hit lists’ of potential targets through automated and efficiency-oriented reconnaissance TTPs (tactics, techniques and procedures). The aim is to...
Deceptive ads expose users to the Adware.Linkular/Win32.SpeedUpMyPC.A PUAs...
Rogue vendors of Potentially Unwanted Applications (PUAs) continue tricking tens of thousands of gullible users into installing deceptive and privacy violating applications. Largely relying on ‘visual...
DIY automatic cybercrime-friendly ‘redirector generating’ service spotted in...
Cybercriminals continue actively abusing/mixing legitimate and purely malicious infrastructure, on their way to take advantage of clean IP reputation, for the purpose of achieving a positive ROI...
Managed DDoS WordPress-targeting, XML-RPC API abusing service, spotted in the...
With WordPress continuing to lead the CMS market segment, with the biggest proportion of market share, cybercriminals are actively capitalizing on the monocultural insecurities posed by this trend, in...
Fake Reviews Trick Google Play Users
Here at Webroot, we are constantly on the lookout for malevolent Android apps. In most cases, you do something malicious with your app and you get marked accordingly, but it’s not always that simple....
All About Windows Tech Support Scams
*Editors Notes: The purpose of this research was to see exactly how this scam is carried out, and the extent to which it is done. DO NOT TRY THIS AT HOME. We used a clean machine, off network, to...