Custom Search
|
Earlier today, visitors of web pages associated with Google and Yahoo search were instead being redirected to a defacement page. Preliminary investigation reveals that neither Google, nor Yahoo servers have been hacked or otherwise compromised. Instead, the attackers have somehow changed the authoritative DNS records for the affected domains (which are maintained by registrar RoTLD) … The analyzed bot: Despite the novel way of C&C-communication, the other features of the analyzed bot are quite common these days. It offers several possibilities for DDoS attacks, can download and execute other malware, and can act as SOCKS proxy to anonymize the attacker. What is it about? One of the biggest challenges … It's been a while since we looked at the Android malware space (I think the last one was here), so when someone asked about it yesterday, I pulled up some log traffic to take a look. It looks like Russia and China continue to be hotbeds for unofficial app download sites, where you're definitely taking … The security community has been focused on the new Java zero-day exploits that appear to have been taken from a Chinese exploit pack (known as Gondad or KaiXin) used in targeted attacks by the “Nitro” cyber-espionage campaign and then incorporated into criminal operations using the BlackHole Exploit Kit. While the connections between these developments are … This terse spam leads to malware on moskow-carsharing.ru: From: [redacted] Sent: venerdi 3 agosto 2012 17:09 To: [redacted] Subject: Your Photos Hi, your photos – http://www.[redacted].com/upload.htm The malicious payload is at [donotclick]moskow-carsharing.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here) hosted on the following IPs: 67.227.183.77 203.80.16.81 213.170.99.11 The following domain names are also related and should be blocked: ipadvssonyx.ru leprisoruim.ru … This is part of a domain scam that has been going on for years.. from: Angela info@gytrademark.com to: sales@[redacted].com date: 3 August 2012 03:21 subject: Notice of Internet Intellectual Property Dear Manager, (If you are not the person who is in charge of this, please forward this to your CEO,Thanks) This email is from China … Recently, we came across web malware that - instead of injecting an iframe pointing to a fixed existing address - generates a pseudo-random domain name, depending on the current date. This approach is not new and is widely used by botnets in C&C domain name generation, yet it’s not very common for the web malware we?ve seen … Over the last few weeks, there have been reports of various websites that have had their databases breached and customer data stolen by attackers through various means. A lot of the focus has been on how password dumps have been appearing online. There has always been the concern that attackers who obtain access to customer … FBI’s “Operation Ghost Click” was discussed earlier by my colleague Kurt here and here and now it comes to an end. Next Monday, 9th of July, at 06:00 (MEZ) the temporary DNS-servers setup by FBI will be shut down. But still there are still thousands of infected machines – one can wonder, what will happen … |
Custom Search
|
|
Copyright © 2010 - 2013 DataProtectionCenter.com – Tech and Security - All Rights Reserved
Powered by WordPress & Atahualpa |
||
