Tag: virus bulletin

Malware authors' continued use of stolen certificates isn't all bad news

Post author By Martijn
Post date July 10, 2018
No Comments on Malware authors' continued use of stolen certificates isn't all bad news

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors’ use of stolen certificates.
More on Virus Bulletin’s blog.

Tags blacktech, certificate, code-signing, eset, malware, plead, virus bulletin

Security

Necurs update reminds us that the botnet cannot be ignored

Post author By Martijn
Post date July 6, 2018
No Comments on Necurs update reminds us that the botnet cannot be ignored

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.
More on Virus Bulletin’s blog.

Tags botnet, c&c, malware, necurs, spam, trend micro, virus bulletin

Security

We cannot ignore the increased use of IoT in domestic abuse cases

Post author By Martijn
Post date June 26, 2018
No Comments on We cannot ignore the increased use of IoT in domestic abuse cases

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.
Read more on Virus Bulletin’s blog.

Tags domestic abuse, internet of things, iot, virus bulletin

Security

Subtle change could see a reduction in installation of malicious Chrome extensions

Post author By Martijn
Post date June 13, 2018
No Comments on Subtle change could see a reduction in installation of malicious Chrome extensions

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
Read more on Virus Bulletin’s blog.

Tags browser, chrome, extension, google, malware, virus bulletin

Security

Expired domain led to SpamCannibal's blacklist eating the whole world

Post author By Martijn
Post date May 31, 2018
No Comments on Expired domain led to SpamCannibal's blacklist eating the whole world

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
Read more on Virus Bulletin’s blog.

Tags blacklist, dns, dnsbl, spamcannibal, virus bulletin

Security

MnuBot banking trojan communicates via SQL server

Post author By Martijn
Post date May 30, 2018
No Comments on MnuBot banking trojan communicates via SQL server

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Read more on Virus Bulletin’s blog.

Tags banking, brazil, ibm, malware, mnubot, sql server, trojan, virus bulletin, x-force

Security

XMRig used in new macOS cryptominer

Post author By Martijn
Post date May 23, 2018
No Comments on XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.
Read more on Virus Bulletin’s blog.

Tags cryptocurrency, macos, malware, monero, virus bulletin

Security

Tendency for DDoS attacks to become less volumetric fits in a wider trend

Post author By Martijn
Post date May 22, 2018
No Comments on Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.
Read more on Virus Bulletin’s blog.

Tags cloudflare, ddos, http, layer 7, virus bulletin

Security

We are more ready for IPv6 email than we may think

Post author By Martijn
Post date May 21, 2018
No Comments on We are more ready for IPv6 email than we may think

Though IPv6 is gradually replacing IPv4 on the Internet’s network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?
Read more on Virus Bulletin’s blog.

Tags dnsbl, email, ipv6, spam, virus bulletin

Security

Hide'n'Seek IoT botnet adds persistence

Post author By Martijn
Post date May 9, 2018
No Comments on Hide'n'Seek IoT botnet adds persistence

The Hide’n’Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.
Read more on Virus Bulletin’s blog.

Tags bitdefender, botnet, hide'n'seek, internet of things, iot, virus bulletin