Virus News

July 27th, 2009

Welcome to our RSS – Virus and Spyware Related News Feed section. This page might take some time to load, as it has to extract and load data from other sources.

Microsoft – Security at Home

PCAdvisor – Security News

Computerworld – Viruses News

Kaspersky – Virus News

Norton Security Articles

Trend Micro Malware Blog

  • 49 Disguised Adware Apps With Optimized Evasion Features Found on Google Play

    We recently found 49 new adware apps on Google Play, disguised as games and stylized cameras. Before they were taken down by Google, the total number of downloads for these apps was more than 3 million. This recent incident continues an ongoing trend of mobile adware surges

  • New Exploit Kit Capesand Reuses Old and New Public Exploits and Tools, Blockchain Ruse

    We discovered a new exploit kit named Capesand in October 2019. Capesand attempts to exploit recent vulnerabilities in Adobe Flash and Microsoft Internet Explorer (IE). Based on our investigation, it also exploits a 2015 vulnerability for IE. It seems the cybercriminals behind the exploit kit are continuously developing it and are reusing source code from a publicly shared exploit kit code.

  • Current and Future Hacks and Attacks that Threaten Esports

    Cybercriminals will increasingly target the esports industry over the next three years. Many underground forums already have sections dedicated to gaming or esports sales, and the goods and services offered in these forums generate a lot of interest.

  • AutoIT-compiled Negasteal/Agent Tesla, Ave Maria Delivered via Malspam

    By Miguel Carlo Ang and Earle Maui Earnshaw. We recently saw a malicious spam campaign that has AutoIT-compiled payloads – the trojan spy Negasteal or Agent Tesla (detected by Trend Micro as TrojanSpy.Win32.NEGASTEAL.DOCGC), and remote access trojan (RAT) Ave Maria or Warzone (TrojanSpy.Win32.AVEMARIA.T) – in our honeypots. The upgrading of payloads from a typical trojan...

  • Fake Photo Beautification Apps on Google Play can Read SMS Verification Code to Trigger Wireless Application Protocol (WAP)/Carrier Billing

    We found an app on Google Play named “Yellow Camera”, which poses as a camera and photo beautification or editing app embedded with a routine that reads SMS verification codes from the System Notifications and, in turn, activates Wireless Application Protocol (WAP) billing. We disclosed our findings to Google, and the app, along with related ones we saw, is no longer in the Play store.

    Based on the name of the file downloaded by the app, it appears it is mostly targeting users in Southeast Asia (e.g., Thailand, Malaysia). However, we’ve also seen the app targeting Chinese-speaking users, so it won’t be a surprise if the app gradually shifts or expands targets. While the app has already been taken down in the Play store, we found that the fraudsters uploaded similar apps to the app store.

  • CVE-2019-16928: Exploiting an Exim Vulnerability via EHLO Strings

    In September, security researchers discovered the existence of CVE-2019-16928, a vulnerability involving the mail transfer agent Exim. Exim accounts for over 50% of publicly reachable mail servers on the internet. What makes the bug particularly noteworthy is that threat actors could exploit it to perform denial of service (DoS) or possibly even remote code execution attacks (RCE) — making it a serious concern for Exim customers who use vulnerable versions of the software.

  • FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops

    We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively operating on 3,126 online shops.

  • Short October Patch Tuesday Includes Remote Desktop Client, Browser, and Authentication Patches

    October’s Patch Tuesday is relatively modest, with Microsoft releasing a total of 59 patches. However, this shorter list still warrants attention. Nine of the 59 were still identified as Critical, while the remaining 50 were labeled Important. Most of the critical bulletins were for various Internet Explorer and Microsoft Edge vulnerabilities, with one covering a Remote Desktop Client vulnerability. The Important bulletins fixed several issues, including NTLM and Microsoft IIS server vulnerabilities.

  • New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign

    We found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently updated. KovCoreG, active since 2011, is a long-running campaign known for using the Kovter botnet malware, which was distributed mainly through malvertisements and exploit kits. Kovter has been involved in click fraud operations since 2015, using fraudulent ads that have reportedly cost businesses more than US$29 million. The botnet was taken down at the end of 2018 through concerted efforts by law enforcement and cybersecurity experts, including Trend Micro.

  • Gambling Apps Sneak into Top 100: How Hundreds of Fake Apps Spread on iOS App Store and Google Play

    We found hundreds of fake apps on iOS App Store and Google Play, with descriptions that are inconsistent with their content. While the apps’ descriptions varied, they share the same suspicious behavior: They could transform into gambling apps that may get banned for violating local government regulations and app store policies.

Washington Post Security Fix
