Amazon S3 exploiting through SpyEye

Many Cloud Computing providers offer gigabytes of storage for free, and the cybercriminals use to maintain and spread malware of all the kind. At the same time, many legitimate services are not free, but are still very attractive to cybercrime gangs. In the case of Amazon, Amazon Simple Storage Service (Amazon S3) does the trick. Read Full Article

What has happened to DNS Security?

Have we forgotten about DNS secutity? In a time of hacktivism and targetted attacks being on the raise this is something that we cannot afford forgetting. During my research i noticed that alot of DNS servers are running a weak configuration allowing an remote attacker to gain valuable information. Read Full Article

ZeuS-in-the-Mobile for Android

The first version of ZeuS-in-the-Mobile (ZitMo), malware which targets mTANs, was discovered in the end of September 2010. In that case it was targeting Symbian smartphones. Later on, ZitMo versions for Windows Mobile and Blackberry were found. It comes as no surprise that cybercriminals have created new and sophisticated pieces of mobile malware for Symbian and Windows Mobile; more surprising is that Blackberry devices were also targeted; and even more surprising is that until July 2011 there was no evidence of ZitMo for Android’s existence. And now please ‘welcome’ ZeuS-in-the-Mobile for Android. Read Full Article

Patch Tuesday July 2011

Discussion of this month’s patch Tuesday is overshadowed by the current round of massive releases from targeted spearphishing, web and SQLi attacks reported in the media. Four bulletins are being released to address 22 CVE records, or sets of vulnerabilities. Read Full Article