Posts Categorized: Uncategorized


Son of a Breach! Can Companies Just Safeguard Their Customers’ Data?

by

Just when consumers were starting to regain some company trust and safe-shopping stability after last year’s massive Target breach, a string of new large-scale company breaches quickly reminded us consumers just how insecure our personal data can be. Needless to say, it’s been a rough year for some major companies and an even rougher year for thousands of unlucky customers. Let’s look at three of the major breaches of the last couple of months. Home Depot (Source: Krebs On Security) Early last month, reports started coming in that the home improvement giant was investigating “some unusual activity with regards to its customer data.” Security […]

Continue Reading »

‘Bash’ Shellshocks the Internet – Here’s What You Should Know

by

Update: Apple has patched the Bash bug. For more info (including links to download the updates on your Mac), check out this TechCrunch report. As of last week, there’s a new security bug in the news, and it’s wreaking havoc on the Internet. (Source: Macworld/Errata Security) Discovered by Stephane Chazelas, a security researcher for Akamai (who revealed the bad news to the world last Thursday), the ‘Bash bug, or ‘Shellshock’, is a particularly nasty vulnerability affecting the Bourne-Again Shell (thus the Bash acronym) of certain versions of the Unix and Linux operating systems. Yes, that includes derivatives like the Mac OS. In other words, […]

Continue Reading »

The Weekend of Nude Celebrity Selfies, iCloud, and How to Protect Your Personal Info

by

What do celebrities (mostly young and female), 4chan, hackers, Bitcoin, and iCloud have in common? They’re all ingredients of a scandalous Labor Day Weekend, one that was filled with celebrity ‘skin’, outrage, confirmation (and denial)…and now an FBI investigation into the crazy incident that has everyone talking. But is it the ultimate internet scandal or a sobering reality of the importance of safeguarding your content to reduce the risk of it being stolen? Both. Before we go into that, however, in a nutshell (and in case you don’t know by now), here’s what happened: On Sunday, users of the often-controversial message-board 4chan, saw […]

Continue Reading »

Sony’s PSN Network Haymaker’d by DDoS Attack; Exec’s Plane Grounded Over Bomb Threat

by

Sony had a rough weekend. And not just Sony; last weekend wasn’t the best time to be a gamer. Here’s the skinny… Early yesterday morning, Sony’s PlayStation Network (PSN for short) was hit with a massive Distributed Denial of Service (DDoS) attack, causing it to crash temporarily and hamper online play for many PlayStation gamers. (Source: Google Images) Sony Online Entertainment President John Smedley quickly took to Twitter to let users know about the attack before tweeting that he’d be offline for three hours as he flew back to San Diego from Dallas on AA Flight #362. Well, not long […]

Continue Reading »

Critroni/Onion – Newest Addition to Encrypting Ransomware

by

In my last blog post about a week ago, I talked about how Cryptolocker and the like are not dead and we will continue to see more of them in action. It’s a successful “business model” and I don’t see it going away anytime soon. Not even a few days after my post a new encrypting ransomware emerged. This one even targets Russians! Presenting Critroni (aka. Onion)   This newest edition of encrypting ransomware uses the same tactics of contemporary variants including: paying through anonymous tor, using Bitcoin as the currency, changing the background, dropping instructions in common directories on how to pay the scam. […]

Continue Reading »

Android.Koler – Android based ransomware

by

Recently, a new Android threat named Android.Koler has begun popping up in the news.  According to an article by ARS Technica, it reacts similar to other pieces of ransomware often found on Windows machines.  A popup will appear and state “Your Android phone viewed illegal porn. To unlock it, pay a $300 fine”.  This nasty little piece of malware is infecting people who visit certain adult websites on their phone. The site claims you need to install a video player to view the adult content. Although I can’t say for sure since I haven’t seen the malicious sites, I’m guessing […]

Continue Reading »

SMS Trojans Using Adult Content On The Rise In Android

by

In the marketing world, it’s widely known sex sells. This is so true the “adult” industry is a multi-billion dollar industry. This is also why malware authors have long used adult content to attract unwitting victims. Lately, this threat researcher has seen way too much of it. There has been an influx of Trojan-like APKs using adult content to trick users into sending premium SMS messages. Let’s take a deeper look at one of these apps. When you open the app it displays a page showing “GET IT NOW” in the middle, and “NEXT” at the lower right corner. If […]

Continue Reading »

Mobile Security 2014: Predictions

by

The most recent and interesting threats we see are more or less “evolved” forms of previous threats, including those originating from the PC side. People have been “spoofing” parts of apps, such as code, appearance, or digital certificates, since Android malware first started appearing. The MasterKey exploit was a whole new way to modify the app without even having to spoof anything (since this was the exploit which allowed applications to be changed without invalidating the existing digital signature). It’s also very interesting to see how threats like Zitmo or RAT-type apps seem to get better and better at mirroring […]

Continue Reading »

Cryptolocker Ransomware and what you need to know

by

The basics The Ransomware known as Cryptolocker has been prominent in the media lately, and one that we’re asked about often. Ransomware in general is nothing new, we have been seeing ransomware that hijacked your desktop wallpaper demanding payment for several years now, but while the older ransomware was rather easily removed, Cryptolocker has taken ransomware to a new level. What Cryptolocker does is encrypt files (primarily document files but also image files and other file types) on your computer and any network drives that computer has access to using a very strong encryption method and then demands payment with […]

Continue Reading »

Rogue antivirus that takes webcam pictures of you

by

Recently we heard of a rogue fake antivirus that takes screenshots and webcam images in an attempt to further scare you into succumbing to it’s scam. We gathered a sample and sure enough, given some time it will indeed use the webcam and take a picture of what’s in front of the camera at that time. This variant is called “Antivirus Security Pro” and it’s as nasty as you can get. The rogue locks down any of the Advanced Boot Options: Safe Mode, Safe mode with Networking, Safe mode with Command prompt, directory services restore mode, ect. As soon as […]

Continue Reading »