Reading Time: ~< 1 min.

Avoid Unsecure IoT: Smart Device Shopping Tips

“Internet of things” (IoT) is a term that’s becoming increasingly commonplace in our daily lives. Internet-connected devices are being designed and implemented at a rapid clip, especially in our own homes. The internet is not just at our fingertips anymore, but also...

Carbonite to Acquire Webroot

I’m excited to share that Webroot has entered into an agreement to be acquired by Carbonite, a leader in cloud-based data protection for consumers and businesses. Why do I think this is such good news for customers, partners and our employees?   For customers and...

The Reality of Passphrase Token Attacks

In my blog, Password Constraints and Their Unintended Security Consequences, I advocate for the use of passphrases. Embedded in the comments section, one of our readers Ben makes a very astute observation: What happens when attackers start guessing by the word instead...

Common WordPress Vulnerabilities & How to Protect Against Them

The WordPress website platform is a vital part of the small business economy, dominating the content management system industry with a 60% market share. It gives businesses the ability to run easily-maintained and customizable websites, but that convenience comes at a...

A Miner Decline: The Slowdown of a Once-Surging Threat

This is the first of a three-part report on the state of three malware categories: miners, ransomware and information stealers. In Webroot’s 2018 mid-term threat report, we outlined how cryptomining, and particularly cryptojacking, had become popular criminal tactics...

Smart Wearables: Convenience vs. Security

Fitness trackers and other digital wearables have unlocked a new era of convenience and engagement in consumer health. Beyond general fitness trackers, you can find wearables for a variety of purposes; some help diabetics, some monitor for seizure activity, and some...

MSPs: Your Security Vendor Should Integrate with More Than Just Your RMM and PSA

For many MSPs, integrating their security solution with their remote monitoring and management (RMM) and professional service automation (PSA) platforms is essential for doing business. Together, these platforms help lower the cost of keeping up with each client,...

Top 5 Things SMBs Should Consider When Evaluating a Cybersecurity Strategy

SMBs are overconfident about their cybersecurity posture. A survey of SMBs conducted by 451 Research found that in the preceding 24 months, 71% of respondents experienced a breach or attack that resulted in operational disruption, reputational damage, significant...

What’s Next? Webroot’s 2019 Cybersecurity Predictions

At Webroot, we stay ahead of cybersecurity trends in order to keep our customers up-to-date and secure. As the end of the year approaches, our team of experts has gathered their top cybersecurity predictions for 2019. What threats and changes should you brace for?...

Responding to Risk in an Evolving Threat Landscape

There’s a reason major industry players have been discussing cybersecurity more and more: the stakes are at an all-time high for virtually every business today. Cybersecurity is not a matter businesses can afford to push off or misunderstand—especially small and...

Adware Purveyors Panning for Search Gold

Reading Time: ~4 min.

SnappyAdz money noose

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

We know most adware companies are shameless in their pursuit of revenue, but it’s been a while since we’ve seen anything as bizarre (or hilariously bold) as the sales pitch from a relative neophyte to the world of adware, which calls itself SnappyAds. On its homepage, SnappyAds posits the hypothetical glee of two business-suited online ad men counting the thousands of dollars they’ve allegedly earned from their allegedly lucrative venture.

Behind the SnappyAds facade, however, is an adware client we (and a few other AV companies) call SearchPan. The installer for the adware client application is hosted on SnappyAds’ webserver, and it modifies both the IE and Firefox browsers to add code which redirects searches through a number of search engines of dubious distinction.

There really isn’t a whole lot to discuss technically about SnappyAds. It really only came to our attention because the Threat Research group as a whole just couldn’t stop laughing when we all saw the pictures of the guy leaning back in his cushy leather chair counting out his Benjamins. They do arrive, as SnappyAds claims, by the ton. So make sure you invest in a forklift before you sign up as a SnappyAds affiliate. You’ll need one to move your palette-loads of cash.

read more…

New Malware Ruins Firefox

Reading Time: ~4 min.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Late last year, we read all the buzz about ChromeInject, a malicious DLL that was being billed as the first malware specifically targeting Firefox. It was interesting to see Installashunthat someone built a phishing Trojan for a different browser platform, but ChromeInject was also clearly an early phase in Firefox malware development: It was fairly obvious, and it was easy to eliminate, because it generated an entry in the Plugins menu called “Basic Example Plugin for Mozilla” which you could simply disable with a single mouse click.

Well now it looks like the bar’s been raised. In the past few weeks, we’ve seen malware writers up the ante in their bets against Firefox. Two new spies came across the transom in the past week, and easily managed to load themselves into a freshly installed copy of Firefox 3.0.7. I should note that this isn’t due to any problem or negligence on Mozilla’s part; once you execute malicious code on your PC, any application is vulnerable. Firefox just happens to be a big target.

read more…

As Web 2.0 explodes, does IT security implode?

Reading Time: ~3 min.

By Jesse McCabe

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Social media sparked a revolution in how we communicate. From best friends to business owners, more of us every day are using a social networking site to connect with people. Facebook welcomes 700,000 new members daily, and an estimated 4-5 million people are now reading tweets on Twitter.

istock_000000590930_med_lockedkeyboard01And cybercriminals are having a field day exploiting the vulnerabilities social networks have exposed in our Internet security practices.

By and large, Internet security at the network level has recently consisted of on-premise URL filtering mechanisms used by organizations to enforce company Internet use policies and improve employee productivity.  These solutions also offered protection by blocking access to sites classified as containing malware. For a while, this approached appeared to work.

read more…

Introducing the Threat Blog

Reading Time: ~3 min.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Welcome, readers. I’m a member of the Threat Research team at Webroot, and I’ve been asked to contribute to Webroot’s new Threat Blog. I’d like to take a moment to introduce myself, tell you a little about what we do, and explain how we plan to use the blog to keep you informed.

Webroot’s threat experts are responsible for defining new malware, and variants of existing malware, that are being introduced every day. We spend the bulk of our time, to summarize in a massively oversimplified manner, breaking PCs by infecting them with Trojan Horse applications, virii, worms, rootkits, password stealers, and other malicious and undesirable software, then figuring out how to fix them again. We infect our PCs, over and over and over again, so you don’t have to; then we make sure Webroot’s products will protect against or remove the infections.

As you can imagine, our perspective on the front lines of Internet security gives us significant insight into the workings of these unwelcome software pests. And we’re now seeing an unprecedented volume of infected PCs and networks, and greater sophistication employed by those doing the infecting. We were compelled to create a vehicle to share that insight with the rest of the world.

My role is to serve as an information conduit between our malware, spam, and Web security experts and you, the reader. I and others will post details about the most dangerous and difficult security threats we encounter, and how to avoid them. We’ll also be sharing trending data we collect about spyware, computer viruses and other infections, and the origins of the infectious agents that propagate them. Our goal is to provide useful information that will, hopefully, help you protect yourselves from what seem — to us, anyway — like wave after wave of increasingly hostile, damaging, and obnoxious malware.

So, thanks for stopping by. We look forward to chronicling the threat landscape for you. Please add us to your RSS feed using the link that looks like a little billboard at the top of the page. And feel free to let us know what you think by sending your comments, questions, or requests to the address on the right side of the page.

Stepping up to the Loserbar

Reading Time: ~5 min.

fake google search result

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to FurlAdd to Newsvine

Last year, we at Webroot (as well as many other people) saw a huge spike in two specific types of malware: Rogue antispyware products — the ineffective, deceptive kind — and the various tricks the companies that sell rogues use to trick you into downloading (and eventually buying) their bogus products, something we refer to, generally, as Fakealerts.

Here’s usually how the trick works: First, you’re fooled into browsing to a Web site which employs any of a number of tricks to install the Fakealert code onto your PC. The Fakealert then begins popping up messages warning you about some sort of infection in the System Tray, or in dialog boxes, and/or by opening browser windows to pages that look uncannily similar to control panels or dialog boxes used by Windows XP and/or Vista. Later, after you’ve been provided a smoke-and-mirrors “free scan” of your system (which, of course, reports all kinds of salacious and undesirable “detections”), you’re directed to a page where, for just $59 you can be rid of your spyware problems forever.

Yeah, right.

The tricks these guys employ get more creative with every new iteration. We’ve seen them drop hundreds of junk files on a hard drive, which are then “detected” as infections; install screensavers that look just like your computer is going through Blue Screen of Death convulsions; and run every dirty trick and cheap gimmick to get a sale.

So it came as no surprise when we encountered yet another Fakealert — we decided to call it Adware-Loserbar — that leads, eventually, to a rogue product. What set this one apart was its sheer gall — and a few new tricks we hadn’t seen before.

read more…

Page 98 of 98« First...9495969798