Cybercrime in Brazil has changed drastically in the last few years, as it shifted from simple keyloggers to tailored remote administration tools that can run a complete attack by using the victim machine. As we know, they are in touch with cybercriminals from Eastern Europe, mainly Russians.
PNG Embedded – Malicious payload hidden in a PNG file
This is what we found in a new Brazilian Trojan in the wild: it tries to conceal the malicious files in a PNG image. And the attack starts with a simple phishing PDF.
Hospitals are under attack in 2016
The year 2016 started with quite a number of security incidents related to hacks of hospitals and medical equipment. They include a ransomware attack on a Los Angeles hospital, the same in two German hospitals, an attack on a Melbourne hospital and so on – in just two months of 2016!
Thank you, CanSecWest16!
This year, we had the absolute pleasure of being a part of CanSecWest’s fantastic lineup of talks, well-rewarded pwnage, and entertainment among a jovial crowd of infosec practitioners of every stripe.
Who viewed your Instagram account? And who stole your password?
Mobile applications have become one of the most efficient attack vectors, and one of the favorite methods of cybercriminals is the abuse of popular applications.
“All your creds are belong to us”
Steam experiences steady growth in the number of active users registered on the platform. Security research has tragically ignored gaming malware in the mistaken assumption that nothing of any real value is traded there. This blind spot is being abused by cybercriminals to steal money and cause real damage.
PlugX malware: A good hacker is an apologetic hacker
Our first research into PlugX was published in 2012 – since then this remote access tool (RAT) has become a well-known instrument used in a series of attacks all over the globe targeting multiple industry verticals.
Microsoft Security Updates March 2016
Microsoft releases thirteen bulletins this month, patching a total of 44 vulnerabilities. More than half of the critical vulnerabilities fixed this month affect the web browsers, Internet Explorer and Microsoft Edge. Vulnerabilities rated critical also exist in OpenType font parsing kernel components, Windows Media Player, and the Windows PDF library.
Amazon used as bait
In recent weeks, we have seen several mass-mailings in French, Italian and English, imitating messages from Amazon’s online shops. In all the mailings, the recipients were offered a voucher, a gift certificate or some other prize.
First step in cross-platform Trojan bankers from Brazil done
We found a new wave of different campaigns spreading the initial “Banloader” components in JAR (Java archive) format. It’s able to run on Linux, OS X and Windows. Under certain circumstances, it’s even able to run on mobile devices.