Latest Articles

When attackers look at a target network, they focus on the flaws that they can exploit, then customize their attacks based on these. What can IT admins do knowing that the weakest link usually lie with people, passwords, and places that are considered secure?

A new variant of the backdoor BIFROSE, known for its keylogging techniques, was found in an attack against a device manufacturer. The malware was already elusive back in 2010, but its use of TOR to reach its servers makes it even harder to track.

The growth in spam volume during the first of half of 2014 can be attributed to the prevalence of threats that use spam as an infection vector. This include known threats like DOWNAD, UPATRE, and ZEUS/ZBOT.

A new strain of KIVARS malware used in targeted attacks now also works on 64-bit versions of Windows systems. This shows that threat actors remain attentive to the public's steady adoption of 64-bit processing systems.

Attackers have found a new use for Dropbox, apart from just hosting malware. This new tactic uses the PlugX remote access tool to download its C&C server settings using the free file storing service.

A pattern emerges from the document exploits recently used by HORSMY, ESILE, FARFLI, and other targeted campaigns. Likely sourced in cybercriminal underground markets, this template exploit can be modified depending on what attackers need from their targets.

A new campaign inched closer to Japanese government and private entities with backdoor malware attacks on the commonly used word processing software Ichitaro. The ANTIFULAI campaign enters networks via clever email subjects, such as a job application inquiry.

Recent targeted attacks that send bogus emails from a Chinese newspaper were found targeting systems with Windows PowerShell installed. The PowerShell command line is typically found on Windows 7 onwards and is used to automate Windows applications.

Are all these large-scale Point-of-Sale (PoS) system attacks proof that attackers target payment cards more? While naming 2013 the "Year of the Retailer Breach", Verizon says POS-related cases have gone down in numbers since they peaked in 2010.