Threat Category: Web threats | Page 20

On 25 October 2010, the Dutch police force’s Cybercrime Department announced the shutdown of 143 Bredolab botnet control servers. The next day at Armenia’s Yerevan international airport, one of those formerly responsible for running the botnet was arrested.

Facebook adds a new profile option, and may affect privacy.

New attack via Twitter is in progress

Malicious social applications in Orkut were used to redirect users to phishing domains

A friend had ‘sent’ me a strange-looking link via Facebook IM. A closer look revealed that it was a link being spread by a new and active Facebook worm.

Another live XSS vulnerability in Orkut affected more than 180,000 users in Brazil.

There have been several reports about malware hosted on Mozilla and Google code servers. Now we also found malware hosted on My Opera community servers.

We’re still monitoring Pegel, and we’ve come across something which piqued our interest: redirects to malicious websites hosting exploits weren’t only coming from infected legitimate sites, but also from flash ads on legitimate sites.

You may have noticed that we lowered our internet threat level to low risk. We have taken another look at Email-Worm.Win32.VBMania and its prevalence and came to the conclusion the increased threat level was not warranted.

A new Twitter XSS exploit was identified in the wild as it started to be used by cybercriminals overnight.

On Aug 21, we detected a new instant messenger worm that spreads through almost all well-known IM programs. The name of the threat is “IM-Worm.Win32.Zeroll.a”

From the dangers of EXIF to the publishing of vacation photos online in a safe manner.

Websites getting defaced, servers getting turned into nodes in botnets, shell accounts and backdoors being sold on the black market – this is what’s happening on the Internet every day

The vulnerability in the Windows Help and Support Center (CVE-2010-1885) has been a constant irritation to antivirus experts for the third week in succession. I will try to provide an analysis of the problem with the help of KSN

Iframes can have several attributes and we often encounter them when analysing malicious sites. They are often used in a hidden way to construct drive-by downloads of malware

Reports

Kaspersky discloses new tools and techniques discovered in 2025 Tomiris activities: multi-language reverse shells, Havoc and AdaptixC2 open-source frameworks, communications via Discord and Telegram.

Kaspersky experts analyze the ToddyCat APT attacks targeting corporate email. We examine the new version of TomBerBil, the TCSectorCopy and XstReader tools, and methods for stealing access tokens from Outlook.

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Web threats

End of the Line for the Bredolab Botnet?

Tim is using the new profile

Malicious Twitter trends

Social apps, security problems

Catching Facebook worms in Russia

Another live XSS vulnerability

Google, Mozilla and now Opera… Who’s next?

Pegel now in banners

Another look at VBMania

Twitter XSS in the wild

New IM Worm Squirming in Latin America

My vacation photos

Mass Defacements: the tools and tricks

The figures behind the headache

iFrames = Apple too?

Reports

Tomiris wreaks Havoc: New tools and techniques of the APT group

ToddyCat: your hidden email assistant. Part 1

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Mem3nt0 mori – The Hacking Team is back!

Subscribe to our weekly e-mails