Last week's OpUSA attacks resulted with no high-profile sites knocked offline, and damage limited to relatively unknown sites compromised and defaced. Still, the attack did show how hackers operate and "claim" their results in high-profile hacking "operations" like OpUSA. Using information provided both by the Smart Protection Network and the attackers themselves (via Pastebin), we were able to see, in part, how these attacks happen. What we found was that the attackers likely “stockpiled” an arsenal of compromised sites ahead ...
Recent incidents highlight how frequently - and creatively - cybercriminals try to steal data. From "homemade browsers" to million-user data breaches, to the daily theft carried out every day by infostealers and phishing attacks, every day.
All this stolen information ends up for sale in the underground to the highest bidder. From there, it can be used in many uniformly illegal ways - from identity theft, to credit card fraud, to launching attacks on other users. They can also be used to ...
A new Internet Explorer zero-day exploit has been spotted in a compromised website of the US Department of Labor.
When users visit the compromised website, it loads a malicious script which Trend Micro detects as JS_DLAGENT.USR. This particular script was hosted on the compromised site itself. It loads another script (this time, hosted on a malicious server) detected as JS_KILLAV.AA.
Once executed, JS_KILLAVA.AA obtains specific information from the infected machine such as the installed Adobe Reader and Flash version as well as security ...
In the past few weeks, many WordPress blogs have been under a large-scale brute force attack. These attacks use brute-force techniques to log into WordPress dashboards and plant malicious code onto compromised blogs and websites.
It's important to note what these attacks aren't. They are not compromising WordPress blogs using known vulnerabilities in unpatched versions; if anything this current attack is less sophisticated than that - it merely tries to log into the default admin account with various passwords. If it is successful ...
Last April 7, several Israeli websites were targeted by the hacker group Anonymous. Based from reports, certain government and private Israeli websites were not accessible and were possibly victims of a DDoS attack.
Media coverage of DDoS attacks tend to cover on whether or not the targeted site is knocked offline, and not particularly how they are carried out. This is a mistake, as this ignores the fact that many of the "attackers" are actually systems that have been infected with ...
