Threat Category: Web threats | Page 13

In this first part we’ll look at some very professional phishing and malware attacks that use digitally-signed malware, a breached customer database used for online ticket sales, SSL-certified phishing domains and a lot of social engineering.

In the past year, many users have been forced to deal with BitGuard, a system designed to change home pages and search engine results.

During the course of the last nine months in particular that trust in the Internet has been eroded and replaced with suspicion. How do we fix this?

Over the last few months I have been closely monitoring so-called Darknet resources, mostly the Tor network, and the cybercriminal element is growing.

The largest website in Sweden; Aftonbladet is spreading malware.

However one of the things that drew my attention was the detection of many PHP Backdoors with not-so-common extensions, such as JPG or MP3. Maybe a false positive? Worth taking a look!

In 2013 security issues around mobiles have reached new heights and attained a new level of maturity in terms of both quality and quantity.

Once again, it’s time for us to deliver our customary retrospective of the key events that have defined the threat landscape in 2013.

Any online project – be it a long-lost blog, or a new start-up’s web app – has a very important performance feature called a “maximum load”. This indicator makes itself known when a web app either partially or fully fails to perform its assigned functions to process user requests. For some owners, this may mean

Users can become the victim of a drive-by attack and, if the user’s browser or the browser’s plug-ins have the necessary vulnerabilities, malware will be downloaded to and installed on the victim’s computer.

Proxy auto-config (PAC) files are a modern resource that exist on all modern browsers.

While I was investigating the Trojan.JS.Iframe.aeq case one of the files dropped by the Exploit Kit was an Applet exploiting a vulnerability.

According to KSN data, Kaspersky Lab products detected and neutralized a total of 983 051 408 threats in the second quarter of 2013.

Kaspersky Lab’s mission is to protect the world from viruses. But the company also believes it has a duty to safeguard our children from content which could be harmful to youngsters.

Malicious PACs used by Brazilian bad guys aiming to steal bitcoins

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Web threats

World Cup Brazil 2014: Don’t score an own goal

BitGuard: a System of Forced Searches

Trust. Trust. Trust

Tor Hidden Services – a Safe Haven for Cybercriminals

Largest Website in Sweden Spreading Malicious Code

Malware in Metadata

Kaspersky Security Bulletin 2013. Overall Statistics for 2013

Kaspersky Security Bulletin 2013. Malware Evolution

Under Pressure

HTTPS Working for Malicious Users

PAC – the Problem Auto Config

Anti-decompiling techniques in malicious Java Applets

IT Threat Evolution: Q2 2013

What are children doing online?

Malicious PACs and Bitcoins

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails