Posts Categorized: Uncategorized


“Android Malware” – Thre@t Reply(video)

by

Are Android phones susceptible to Trojans and other viruses just like computer? How can you make sure your phone doesn’t become infected and if it does, what can you do? Webroot mobile threat research analyst, Armando Orozco answers this question that was asked to our Webroot Threat Research team via Twitter. [youtube=http://www.youtube.com/watch?v=55-CL-_TiEM]

Continue Reading »

For your eyes only (please)

by

By the Webroot Threat Team Have you ever had the queasy experience of sending a message to someone that you’d rather not have anyone else see, and then hoping that it won’t get passed along? A new system developed by Internet law and security researchers aims to solve the problem, with a light-handed touch. The Stanford Center for Internet and Society has launched Privicons, an email privacy tool that it describes as a ‘user-to-user’ solution. There are no policy servers, crypto algorithms, or software enforcement agents to worry about. Instead, it relies on good old-fashioned icons. Webmail users who install […]

Continue Reading »

Everyone has a role in protecting a corporate infrastructure (Part 1)

by

By Jacques Erasmus This time of year, those of us in information security become wary of crafty criminals leveraging the winter holidays to prey on our employees’ lack of awareness online in a number of ways. All it takes is for one Trojan to infect a single PC in a company to put an entire infrastructure at risk. Everyone plays a role in protecting the assets and information of their organization. To help explain what this means for you as an IT manager, an employee or even a home user, we have developed a two-part primer on common threats you […]

Continue Reading »

This blackhole exploit kit gives you Windows Media Player and a whole lot more

by

By Mike Johnson As a follow-up to the Blackhole Exploit posting, I thought I would share one aspect of my job that I truely enjoy: Discovery. While investigating some active urls being served up via a blackhole kit, I noticed something quite odd, as I would end up on sites that had malicious code injected into their webpages. Once the redirection to the blackhole kit was initiated, I saw the usual exploits taking place, first being Internet Explorer and Adobe Flash, then onto Adobe Reader and Java. This time, the kit didn’t stop there. Internet Explorer proceeded to launch Windows Media Player. Since I had never […]

Continue Reading »

Will you take Facebook’s candy?

by

By the Webroot Threat Team It’s a creepy treat, with a serious underlying message. The latest viral website uses a horror movie format to show you just how much the average Facebook application can find out about you. TakeThisLollipop, which has already received 1.7 million ‘Likes’ on Facebook, uses the social network’s application authentication scheme to find out about users. Anyone clicking on the lollipop displayed on the site is asked to let the application access a panoply of information about them from Facebook, in addition to other privileges, such as posting as them. If they accept, they get to […]

Continue Reading »

I don’t think it means what you think it means…

by

Websites Hosting Android Trojans   By Armando Orozco and  Nathan Collier Rogue Android apps are making their way into alternative markets. Yes, we’ve seen some malicious apps trickle through and they can be elusive. But we’re now seeing markets that are only hosting malware. These rogues are of the premium rate SMS variety and request the user to send a bounty if they want the app. The interesting thing is that the websites they’re hosted on are very well put together and you can see that a great deal of time was put into creating them.  The Websites These well-crafted […]

Continue Reading »

Outdated Operating System? This BlackHole Exploit Kit has you in its sights

by

By Mike Johnson Several weeks back, I was presented with a group of snapshots from an active BlackHole Exploit Kit 1.2 Control Panel. As with other toolkits I’ve seen in the wild, this one has all the makings of some real bad medicine. The authors have yet again gone to the trouble of making this toolkit incredibly easy to use and widely available for a price. Just a little unsavory web hosting in a country with few or no diplomatic relations and off to the races they go. It appears this toolkit is configurable in both Russian and English, making one wonder its true origins. I’ve […]

Continue Reading »

Non-executable malicious files and code – Thre@t Reply

by

.exe, PHP, HTML, and the list goes on. How many different kinds of files and code can potentially infect your PC? Webroot threat research analyst Nathan Collier explains a few of the the types of potentially dangerous files, other than the common executable (.exe) that can be found on a Windows PC and cause harm to it. [youtube=http://www.youtube.com/watch?v=CFH8VxP7gmY] If you have a question you want answered by one of our threat experts send it to us! Comment below, tweets us (www.twitter.com/webroot), or email it to us (blog@webroot.com).

Continue Reading »

CloudOnomics

by

By Ian Moyse Moore’s Law back in 1965 predicted silicon power would double every two years. But what its creator, Gordon E. Moore, couldn’t have predicted was the dramatic economies of scale the cloud would eventually bring to all of our lives. For one, it’s helped lead to a drop in price for essentials like computing power and storage by making them more accessible. But also, it’s enabled conveniences no one ever would have imagined four or so decades ago. Today we’re able to use a mobile device with massive power and local storage to locate and download from virtually […]

Continue Reading »

Mebromi: the first BIOS rootkit in the wild

by

By Marco Giuliani In the past few weeks a Chinese security company called Qihoo 360 blogged about a new BIOS rootkit hitting Chinese computers. This turned to be a very interesting discovery as it appears to be the first real malware targeting system BIOS since a well-known proof of concept called IceLord in 2007. The malware is called Mebromi and contains a bit of everything: a BIOS rootkit specifically targeting Award BIOS, a MBR rootkit, a kernel mode rootkit, a PE file infector and a Trojan downloader. At this time, Mebromi is not designed to infect 64-bit operating system and it is not […]

Continue Reading »