Another Document Targeting Uyghur Mac Users

We spotted a new variant of the documents used in the cyber attacks against Uyghur back in February.

This variant was first submitted to VirusTotal on April 11 from China. This time it uses IUHRDF, which may be a reference to International Uyghur Human Rights & Democracy Foundation, instead of Captain as the author:

South Korea, Starbucks, and Android/Smsilence

Several weeks ago, a McAfee researcher named Michael Zhang analyzed an Android trojan which specifically targets South Korean phones. It’s called Smsilence, and it uses bait such as “Starbucks coupon” apps (ex: starbug.apk).

Here’s the phone number check looking for country code +82:

A detail not included in Zhang’s post: the URLs / IP …

Arsenal Lotto scam spammed out via PowerPoint file

The scammers must be getting more and more desperate to get their claws on our money.

Their criminal business model is messed up somewhat by anti-spam filters blocking their fraudulent messages from reaching potential victims.

What’s a bad guy to do?

Well, they could do what this scammer has done – wrap their scam email up into a …

Facebook “You have notifications pending” spam / francese.ru

This fake Facebook spam leads to malware on francese.ru:

Date: Tue, 4 Dec 2012 03:38:42 +0000
From: KaseyElleman@victimdomain.com
Subject: You have notifications pending

facebook
Hi,
Here’s some activity you may have missed on Facebook.
SALLIE FELIX has posted statuses, photos and more on Facebook.
Go To Facebook    See All Notifications
This message was sent to postinialerts@[redacted]. …

Unsolicited Secret Admirers Via Email

The Websense® ThreatSeeker® Network has detected an unsolicited email campaign in which love-struck or curious recipients may have their appetites whetted by the thought of a secret admirer. Although Websense customers are protected from this and other threats by ACE™, our Advanced Classification Engine, this post provides an insight into the campaign, which appears to …

Russian Android Gangs Keep Scamming Along

It's been a while since we looked at the Android malware space (I think the last one was here), so when someone asked about it yesterday, I pulled up some log traffic to take a look.

It looks like Russia and China continue to be hotbeds for unofficial app download sites, where you're definitely taking …

Targeted Attack: London 2012 Olympics

We came across a malicious Olympic-themed PDF earlier this morning while data mining our back end for documents which drop executables (those are never a good thing, unsurprisingly).

The PDF exploits CVE-2010-2883, which affects older versions of Adobe Reader and Acrobat. A typical PDF exploit will launch a clean decoy as part of its …

tsnet-china.com / “Klver Industrial Co. Ltd” domain scam.

This domain scam has been around for years.

From: jeff jeff@tsnet-china.com
To:
Date: 3 May 2012 10:02
Subject: Regarding ” dynamoo ” Dispute

(If you are not in charge of this please transfer this email to your President or appropriate person, thanks)

Dear President,

We are the department of Asian Domain registration service in china, …

Facebook spam / bioldrugstore.com

This fake Facebook spam leads to a fake pharma site, but it could easily be adapted for malware.

Date: Thu, 26 Apr 2012 09:33:46 -0700
From: “Facebook” [notification+xxxxxxxxxxx@facebookemail.com]
Subject: Welcome back to Facebook

Hello,

The Facebook account associated with xxxxxxxxxxx was recently reactivated.

If you were not the one who reactivated this …

Evil network revisited (again): Specialist Ltd / Specialist-ISP-PI2 AS48691(194.28.112.0/22)

Specialist ISP is a black hat hosting company in Transnistria that I have covered before. Things have been a bit quiet on that front for a while until today when the malware site enswdzq112aazz.com came to my attention.

A lot of the bad sites have migrated from Specialist recently, but one unusual thing about Specialist …

Web Hijacks with AJAX

Malware authors always seem to closely monitor trends in Web security development in order to create a variety of browser-based attacks. Just to name a few, techniques such as code obfuscation, plug-in detection and affiliate management are often used.

This is why we, at M86 Security, weren’t surprised to see a malicious site which loads …