Data collectors

As we saw from the statistics, tech giants that collect and analyze data to show us targeted advertising are present practically everywhere in the world. And it is these companies that store the most data about people from all over the planet. Read Full Article

APT trends report Q3 2019

The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q3 2019. Read Full Article

Master Keys and Vulnerabilities

Last weeks have been quite busy with announcements of either master keys or Chinese master keysbeing unveiled, both qualifying as critical vulnerabilities for the Android platform. Although things have finally calmed a bit, we are still waiting for the final act in Las… Read Full Article

March 2013 Microsoft Security Bulletins – Low Impact from Pwn2Own, Watch USB Drives for Another Stuxnet

Microsoft releases nine March Security Bulletins. Four of the Bulletins are rated critical, but of the 20 vulnerabilities being patched, 12 are rated critical and enable remote code execution and elevation of privilege. Microsoft software being patched with critical priority include Internet Explorer, Silverlight, Visio Viewer, and SharePoint. So, pretty much every consumer running Windows, and lots of Microsoft shops, should be diligently patching systems today.

Read Full Article

TURKTRUST CA Problems

Microsoft just publicly announced a release to actively “untrust” three certificates issued by Certificate Authority TURKTRUST, a subsidiary of the Turkish Armed Forces ELELE Foundation Company. According to Microsoft, the company made several mistakes resulting in fraudulent certificates issued that could be used to MiTM encrypted communications with gmail or other google properties.

Read Full Article

Fraud abusing Google Docs

Phishing is not exactly a ground-breaking technique. Quite the opposite, it seems like it has been around forever. This is an indicator of its effectiveness: we might think that it is unlikely that people would give away their banking credentials just because they are asked for them, but still there is a percentage who continue to become victims of one of the simplest fraud methods.

However both user awareness and anti-phishing tools are making harder for fraudsters to succeed in their attempts to get our money. We see this changing in the decrease in the percentage of spam. That is not the only reason: users are switching to new platforms such as social networks for direct communication.

Today I want to show you an example of the creativeness in avoiding spam and phishing filters.

Read Full Article