Koler ransomware new version spread via SMS
Koler.A is a form of Android ransomware that was first identified in May 2014. The initial version of the Koler malware would lock a victim’s phone with a message ordering the victim to pay $300 USD ransom to unlock the phone. A new version of Koler has now…
Dyre spam attack
Patching systems and software should be a high priority for any organisation. Older vulnerabilities are often easy prey for attackers seeking a way inside an organisation’s defensive perimeter. If proof of the maxim “patch your systems regularly” is needed, then this week’s exploitation of an old vulnerability in Adobe Reader and Adobe…
Dropbox phishing attack
Dropbox have recently shut down a fake page that was part of an elaborate phishing campaign. This particular campaign was sophisticated in its execution, as Symantec show in a blog post on the phish. Firstly, a phishing email was sent to the victim. The email contained a link to a Dropbox file. The…
Malware Monday
For all those starting work on Monday and starting to trawl through emails and/or planning the week ahead, here’s something to brighten your day. There is a new malware delivered via phishing emails, but the attackers committed a few errors when crafting their cyber attack. As this article on PhishMe reports, the malware…
New add-ons found in Dyre malware
Dyre malware re-surfaced recently with a new version that contains several new features that are designed to capture more information from the victim computer and from the organisation targeted. Figure A illustrates how Dyre works. Dyre (also known as Dyreza) was first detected in June 2014. Investigators uncovered it…
Week in review 17 October 2014
Another data breach hit the headlines this week, this time involving Kmart in the USA. Actually, malware was the theme of the week; Kmart’s breach was due to POS malware, a promise of a salacious video on Facebook led to malware being downloaded, Sandworm malware was announced (in conjunction…
Malicious ads being used on YouTube
YouTube is being used as a carrier for malicious ads, according to a blog post by Trend Micro. This is a recent development; previously, malicious advertising targeted social media sites. Several of the videos with malicious ads had several million views. Unpatched versions of Internet Explorer are vulnerable. Currently,…
Patches released to combat Sandworm malware
Microsoft’s Patch Tuesday has a greater relevance than usual this week: it includes a patch for a zero-day vulnerability that has been used to target NATO, some European telecommunications companies and some Polish energy sector companies. The vulnerability was originally discovered on September 3rd by a company called…
Malware behind Emma Watson Facebook videos
Salacious pictures and videos are increasingly being used by scammers to foist malware on unsuspecting victims. The scammers’ conduit of choice is often a well-known social media site such as Facebook. The favourite subject of the pictures and/or videos has lately become well-known celebrities. Another such…
POS malware hits Kmart
Kmart (the US company owned by Sears; not the Australian company owned by Wesfarmers) can be added to the growing list of retailers in the USA that have suffered a data breach in the last year. The latest breach has been attributed to malware installed in the retailer’s POS systems. A…