
malware

Macro-Enabled Files Used as Infection Vectors (Again)
Macro-based attacks were popular in the early 2000s, and they gained wide notoriety through the heavily publicized coverage of the Melissa virus. Soon afterwards, however, macro-based attacks dropped off the radar. One major reason was the security measures Microsoft implemented to address malicious macro files. Another probable reason is that cybercriminals simply moved on, expl..
Cybercriminals Are Distributing Malware with Fake Flash Player Served from SkyDrive
(Image: Fake Flash Player download website)
F-Secure researchers have spotted a large number of Trojan.JS.Blacole.Gen infections over the past few days. A closer analysis has revealed an interesting malware distribution campaign. According to the researchers, cybercriminals have compromised a number of websites, 40% of which are hosted in Germany. They have taken the scripts from these sites and added malicious code. When use..
Neutrino Delivers Fake Flash Malware Hosted on SkyDrive
As cloud computing becomes more popular, malware authors are also taking an interest in using this technology to store their own files, except, of course, that their files are usually malicious. SkyDrive (recently renamed OneDrive) is Microsoft's cloud storage solution, and competes directly with other big-name storage products like Google Drive and Dropbox, all of which provide a convenient way to acce..
The Gray Zone of Malware Detection in Android OS
In this first part about the gray zone of Android malware detections, I will introduce Android:SecApk, a detection for the protection that the App Shield (Bangcle) offers to Android applications (.apk). This detection has a large sample set that is still growing. Some SecApk-wrapped samples that existed or still exist in the Google Play Store and third-party stores can be seen in the tab..
Email with Subject "FW:Bank docs" Leads to Information Theft
In this blog post we will look deep into a spam campaign in which, unlike other possible scenarios, the victim is infected by opening and running an email attachment. At the beginning of this year we blogged about a spam campaign with a different spam message: a fake email from the popular WhatsApp messenger. This time we will look at a spam email that tries to convince the victim that it originates..
AutoIt Approach: Infecting Your Browser via Code Recycling
Author: Jakub Kroustek
In this article we focus on the analysis of a 32-bit WinPE sample with MD5 sum C8F3C24F123D851F57AFF21958ADAC76. Its goal is to steal credentials from a running web browser. This sample is interesting because it uses several different layers of protection: obfuscation, encoding and encryption, code hiding, proactive defense against AV software, and other similar techniques. T..
Gong Da Exploit Kit Adds Java CVE-2013-1493 & IE CVE-2012-4792 & IE CVE-2012-4969 Support
Like other exploit kits, Gong Da has added support for the Oracle Java CVE-2013-1493 vulnerability, fixed in Java 7 Update 17 and Java 6 Update 43, and has also added support for the Microsoft Internet Explorer CVE-2012-4969 and CVE-2012-4792 vulnerabilities, fixed in emergency patches in September 2012 and January 2013 respectively. Here is the new c..
RedKit Exploit Kit Summary
The private but popular RedKit exploit kit appears to be experiencing a resurgence, based on a report by Kahu Security. Initially spotted back in May 2012, the exploit kit drew attention after cybercriminals used it in drive-by-download attacks from NBC's compromised website in January 2013 and in spam campaigns immediately after the Boston Marathon bombings. These attacks featured iframes on the com..
GONDAD EXPLOIT KIT
2013-11-15 - GONDAD EXPLOIT KIT DELIVERS GONDAD.EXE
I don't know if this was a coincidence, but the name of a malware EXE stored in an infected VM's temp folder matches the name of an exploit kit that triggered on the IDS. In this case, two events triggered on a Gondad exploit kit, while the malware in the AppData\Local\Temp folder was named gondad.exe. Screenshot from the infected VM. Gondad is..
Linux.Aidra vs Linux.Darlloz: War of the Worms
Authors: Lukáš Ďurfina, Jakub Křoustek, Peter Matula, Petr Zemek
At the end of 2013, a new worm that targets small Internet-enabled devices was discovered. The worm, called Linux.Darlloz, is capable of infecting a wide range of "Internet of Things" devices, such as routers, security cameras, and entertainment systems, which are increasingly equipped with an Internet connection. It is argued that we..