Malware

Progress on CCleaner Investigation

Vince Steckler & Ondřej Vlček, 21 September 2017. Large technology and telecommunications companies were targeted. Following the take-down of the CnC …

Security

First ever crypto-mining Chrome extension discovered

A Chrome browser extension, with over 140,000 users, is gobbling up the resources of users’ computers by secretly mining for virtual cash. The …

Chrome Browser

Hackers backdoored CCleaner for a month: Over 2 million infected with malware

Hackers backdoored the popular CCleaner Windows utility; for nearly a month, two malware-tainted versions collected computer names, IP addresses, …

Security

CCleanup: A Vast Number of Machines at Risk

This post was authored by: Edmund Brumaghin, Ross Gibb, Warren Mercer, Matthew Molyett, and Craig Williams. Introduction: Supply chain attacks are a very …

Security

Developers Unwittingly Embedded Malware in Their Android Apps via Shady SDK

Malware authors hid malicious code inside a software development kit (SDK) that developers embedded in their Android apps, unwittingly exposing their …

Security

Drive Genius adds Mac antivirus to its arsenal

This post is brought to you by Prosoft Engineering, maker of Drive Genius 5. If you’re serious about taking care of your Mac, you probably use a variety of third-party applications. From VPNs to defragging, managing backups to scanning for viruses, it takes a village of apps to keep Macs at their …

Security

Avast Pro Antivirus Review

IGN is reviewing all the biggest antivirus programs all week long. They’re evaluated based on ease of use, price, features, and a variety of testing …

Security

Defray Ransomware Targeting Education and Healthcare Organizations

“A single spear-phishing email carrying a slightly altered malware can bypass multi-million-dollar enterprise security solutions if an adversary …

Security

File Exclusions for SharePoint, SQL, OWA, IIS and Windows Server

Compiled a list of file exclusions based on a few different sources to have in one place. SharePoint Server Exclusions. Note: In the following sections, …

Microsoft SQL Server

Don't fall for this 'missing font' scam spreading malware to Chrome and Firefox browsers

The warning reads 'HoeflerText font wasn't found'. Experts say never click it. Hackers are now using a sneaky pop-up technique posing as a font update …

Security

Webroot SecureAnywhere Antivirus Review

IGN is reviewing all the biggest antivirus programs all week long. They’re evaluated based on ease of use, price, features, and a variety of testing …

Security

DKMC - Malicious Payload Evasion Tool

Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid …

Security

PowerPoint Presentation Exploiting CVE-2017-0199

Researchers at FortiGuard had discovered a new PowerPoint presentation file named “ADVANCED DIPLOMATIC PROTOCOL AND ETIQUETTE SUMMIT.ppsx” …

Security

IRS Warns of Emails Spreading Ransomware

The Internal Revenue Service (IRS) is warning US citizens of a new phishing scheme that poses as official IRS communications in the hopes that …

Identity Theft

Automating Lab Environments with LabInaBox on Prem or in the Cloud.

Today, building out repeatable demo/lab environments quickly has become a necessity. Earlier this year I released LabInaBox which provided for a …

Linux

Mac's Biggest Threats Lurk in the Apple App Store

Mac malware is on the rise, especially adware and potentially unwanted programs in the App Store. Apple Mac devices, while largely considered safer …

Security

Mac malware continuing to escalate, warn security researchers

Malware targeting the Mac operating system has seen significant growth in the first half of this year, according to security firm Malwarebytes.

Business Technology

Malicious Chrome Extensions Stealing Roblox In-Game Currency, Sending Cookies via Discord

We recently discussed how cyber criminals are using the popular voice/chat client Discord to steal cookies from the running Roblox process on a …

Security

Multi-Platform Macro Phishing Payloads

With enterprises deploying Mac endpoints, a red team phishing panacea just might be a Microsoft Office Word document or Excel spreadsheet that has an …

Security

500+ Google Play Apps Hit by Ad-Related Malware

The apps containing the malicious Igexin ad SDK received more than 100 million downloads.

Security

Over 500 Android apps with a combined 100 million downloads found to secretly contain spyware | ZDNet

Unbeknown to the app developers, an advertising software development kit contained code for stealing data from their products' users. More than 500 …

Security

ProtectWorks AntiVirus (for Mac)

Pros: Certified for Mac protection by an independent testing lab. Scans on demand, on access, and on schedule. Cons: No web-based protection against …

Security

The 4 best antivirus apps to keep your computer adware free

If you’re seeing irritating ads pop up in your browser, your homepage has been changed to some strange search engine, or your computer is suddenly …

Gear & Gadgets

Android Spyware Linked to Chinese SDK Forces Google to Boot 500 Apps

More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK called Igexin could be …

Security

Eight Chrome Extensions Hijacked to Deliver Malicious Code to 4.8 Million Users

Six more developers have had their Chrome extensions hijacked in the past four months, according to new evidence surfaced yesterday by Proofpoint …

Information Security

Server Management Software Discovered Harboring Backdoor

ShadowPad backdoor found embedded in a software product used by major organizations around the globe to manage their Linux, Windows, and Unix servers. …

Information Security

Research on CMSTP.exe

Whenever I have a chance I use my time diving into Windows internal binaries to uncover hidden functionality. This blogpost is dedicated to things I …

Security

Here's How This Surveillance Malware Found Its Way To The Google Play Store

Malware is software designed to function in ways that mistreat or harm the user, aside from accidental errors. Just recently, a surveillance malware …

Security

Facebook Password Stealer Pilfers Data from Wannabe Attackers

With that said, it comes as no surprise that computer criminals would seek to capitalize on wannabe attackers’ interest in cracking a target’s …

Security

How to recover from a ransomware attack

It’s one of the most dreaded malware experiences you can have: Your computer freezes on a screen message that demands money or all your data will be …

Security