SecureSling

Case Flame

Mon, 28 May 2012 15:27:53 +0000

Flame (aka Flame aka Skywiper) is a massive, complex piece of malware, used for information gathering and espionage. The malware is most likely created by a western intelligence agency or military....

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Targeted Attack: London 2012 Olympics

Mon, 28 May 2012 15:27:53 +0000

We've come across a malicious Olympic themed PDF earlier this morning while data mining our back end for documents which drop executables (those are never a good thing, unsurprisingly). The PDF...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Zeitgeist 2012: Mikko Q&A

Mon, 28 May 2012 15:27:53 +0000

Mikko took part in Google's Zeitgeist 2012 earlier this week in London. Wired magazine editor David Rowan's Q&A: Beyond Today – Mikko Hypponen. On 24/05/12 At 04:03 PM

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

AusCERT Presentation: The Enemy

Mon, 28 May 2012 15:27:53 +0000

Mikko was a featured speaker last week at AusCERT2012. You can listen to (or download) audio of his presentation from Risky Business. And then once you have the audio, you can view Mikko's slides...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

ZeuS Ransomware Feature: win_unlock

Mon, 28 May 2012 15:27:53 +0000

Earlier today, while doing our daily data mining, we came across a new variant of ZeuS 2.x. It includes a new backdoor command called: win_unlock. Very interesting, turns out this slightly modified...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Video: Angry Birds Space Trojan & Drive-by Android

Mon, 28 May 2012 15:27:53 +0000

On Monday, we released our Mobile Threat Report for Q1, and in that report we mention there's a growing number of mobile trojans that "deliver on their promises". What do we mean by that? Well, in...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Repost: Webinar: Making Life Difficult for Malware

Mon, 28 May 2012 15:27:53 +0000

Jarno Niemela, a Senior Researcher here at F-Secure Labs, will be taking part in a Black Hat Webcast on Thursday, May 17, 2012. The subject is "Making Life Difficult for Malware" and will focus on...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Recommended Listening: Danger In The Download

Mon, 28 May 2012 15:27:53 +0000

The Documentary, a BBC World Service program (or programme) recently aired a 3-part series called Danger In The Download. It's definitely worth a listen. All of the episodes are now available...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Download: Mobile Threat Report, Q1 2012

Mon, 28 May 2012 15:27:53 +0000

It's time to publicly release our latest Mobile Threat Report, covering the 1st quarter of 2012. Our Q4 2011 report was quite popular and this new one for Q1 is even better. More content (and pages)...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

What's wrong with marketing software?

Mon, 28 May 2012 15:27:53 +0000

Yesterday, I suggested that nonymous speech is vastly superior to anonymous DDoS attacks and other forms of censorship. Today, I offer this "anti-piracy" PSA (circa 1988) as evidence to support my...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Pirate Bay to Anonymous: Call Your Mom!

Mon, 28 May 2012 15:27:53 +0000

UK Courts recently ordered Internet Service Providers to block access to The Pirate Bay. Yesterday, Virgin Media was attacked by some that claim associations to the Anonymous collective. Well, The...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Java Drive-by Generator

Mon, 28 May 2012 15:27:53 +0000

Ran across quite an interesting infection today. I visited a site that prompted me with a security warning about a "Microsoft" application from an unknown publisher. The site is actually pretending...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Webinar: Making Life Difficult for Malware

Mon, 28 May 2012 15:27:53 +0000

Terrorist Groups in the Online World

Mon, 28 May 2012 15:27:53 +0000

The Combating Terrorism Center at West Point (USA) has released a study called "Letters from Abbottabad: Bin Ladin Sidelined?". The study provides analysis of 17 declassified documents captured last...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Flamer: Highly Sophisticated and Discreet Threat Targets the Middle East

Mon, 28 May 2012 13:32:58 +0000

Over the past few days, we have been analyzing a potential new threat that has been operating discreetly for at least two years. We were contacted about this threat by Crysys who have released their...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

W32.Xpaj.B の特殊例: 感染第 1 号

Mon, 28 May 2012 09:30:08 +0000

しばらく前に、シマンテックは W32.Xpaj.B ウイルスの新しい亜種を確認し、その新機能に関する初期段階の詳細と、感染第 1 号の爆発的感染の状況について以前のブログで報告しました。その後さらに解析を進めましたが、結論として爆発的な感染はなく、少なくとも当面の間は W32.Xpaj.B is の再来もないと考えるに至っています。解析から明らかになったのは、以下の点です。第 1...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Jailbreak Dream Team Press Conference at #HITB2012AMS (Video)

Mon, 28 May 2012 09:59:22 +0000

The guys from the Chronic Dev Team and the iPhone Dev Team, also known as the Dream Team, have taken center stage here in Amsterdam at the 2012 edition of the world renowned Hack in the Box (HITB)...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Bruce Schneier on Trust, Security and Society at #HITB2012AMS

Mon, 28 May 2012 09:56:47 +0000

We’re at the Okura hotel in Amsterdam, attending the 2012 Hack in the Box security conference, and the second day seems to be as impressive as the first one. It started off with a keynote held by...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Hackers Reveal the Price of iOS Jailbreaks at #HITB2012AMS

Mon, 28 May 2012 09:52:18 +0000

There have been a lot of interesting developments here at Hack in the Box in Amsterdam, and one of them is the first ever union of the jailbreak Dream Team. Today, Softpedia has had the chance to...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Absinthe 2.0 jailbreaks most iDevices running iOS 5.1.1

Mon, 28 May 2012 09:45:57 +0000

The untethered jailbreak Absinthe v2.0 debuted on Friday with compatibility for almost all devices powered by Apple's A4 and A5 processors running the latest iOS 5.1.1 firmware, and is the first...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Security researcher urges IT managers to keep up with SAP patches

Mon, 28 May 2012 09:44:03 +0000

More than 95 percent of over 600 SAP systems tested by security firm Onapsis were vulnerable to espionage, sabotage and fraud, mainly because patches had not been applied, according to a...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Bug bounty hunters reveal eight vulnerabilities in Google services

Mon, 28 May 2012 09:24:57 +0000

Security researchers unveiled eight vulnerabilities in Google services during the Hack in the Box conference in Amsterdam on Thursday -- but they claim to have discovered more than 100 such bugs over...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Absinthe 2.0 Jailbreak Now Available for iOS 5.1.1 Devices

Mon, 28 May 2012 09:19:32 +0000

The hackers have been teasing us for weeks, but today have finally made good on a new jailbreak for iOS 5.1.1, coinciding with Hack in the Box conference taking place today in...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Researchers uncover causes of MilitarySingles.com hack

Mon, 28 May 2012 09:17:46 +0000

A common web application vulnerability, poor detection capabilities and a lack of adequate encryption led to the recent hack of MilitarySingles.com, according to research performed by security firm...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Inside Facebook security: defending users from spammers, hackers, and 'likejackers'

Mon, 28 May 2012 09:13:59 +0000

If Facebook were a country, it would be the third largest in the world, just behind India and China. And like any country, Facebook has a police force to keep things under control. 300 people have...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

'We Already Have a Part of the Jailbreak for iOS 6': @Pod2g

Mon, 28 May 2012 09:12:20 +0000

Pod2g, also known as Cyril, reveals that the 'dream team' of iOS hackers already has part of the jailbreak for iOS 6 in an interview with Softpedia. "We won't give up on jailbreaking iOS devices...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Blizzard announces first Diablo III patches and delays the real-money auction house

Mon, 28 May 2012 09:09:44 +0000

Diablo III’s first week hasn’t been an easy one. With an overwhelming number of server issues, rumored battle.net account hacking, and the slow start of the game’s real-money auction house, this...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

User-generated content is Achilles’ heel of social media sites

Mon, 28 May 2012 09:08:31 +0000

User-generated content is the “Achilles' heel” of social media sites, warns a new report by data security firm Imperva that examines the recent hack of the MilitarySingles.com site by LulzSec. In...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Blizzard Admits Accounts With Authenticators Have Been Hacked

Mon, 28 May 2012 09:06:37 +0000

So, you know how there was this whole thing about having an official Blizzard authenticator meant you weren't going to get hacked? Well, turns out you can still get hacked even with an...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Anonymous DOJ Breach More Embarrassing Than Harmful

Mon, 28 May 2012 09:05:32 +0000

Anonymous claimed to have seized internal emails and other information from a Department of Justice serve earlier this week. That doesn't appear to be the case, based on an analysis of the actual...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Girl geeks gather at Facebook after IPO

Mon, 28 May 2012 09:04:36 +0000

You can’t visit the Facebook Inc. headquarters without seeing or hearing the word “hack” or “hacker.” The term, which is often used to refer to malicious programming, types of online fraud or...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Absinthe Used To Jailbreak 1.2 Million Devices On iOS 5.1.1 Over The Weekend

Mon, 28 May 2012 09:03:08 +0000

On Friday, May 25th hackers from the Chronic Dev Team released Absinthe 2.0, a tool that jailbreaks iOS 5.1.1 on nearly all iOS devices, including the third-gen iPad. The untethered jailbreak can be...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

NASA refutes Iranian cyberattack claims

Mon, 28 May 2012 09:01:17 +0000

NASA, the US space agency, has denied that its website had been hacked and information stolen by a band of Iranian students that called themselves the "Cyber Warriors Team." The group bragged in a...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Reputed websites under hacker threat: CERT India

Mon, 28 May 2012 08:55:09 +0000

Websites of reputed government and private organisations are under threat from hackers, the Computer Emergency Response Team India (CERT-In) has said, warning users to be extra cautious while using...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

Information of U.S. federal employees exposed

(John Ribeiro) — Mon, 28 May 2012 07:10:00 +0000

A hack in July last year of a computer used by third-party services provider Serco to support the Thrift Savings Plan run by the U.S. Federal Retirement Thrift Investment Board resulted in...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]

PHP vulnerability CVE-2012-1823 being exploited in the wild, (Sun, May 27th)

Mon, 28 May 2012 03:48:35 +0000

Reader Bob detected in his webserver the following string in the access log of his web server: bas ...(more)...

[[ This is a content summary only. Visit my website for full links, other content, and more! ]]