Timing is everything, especially if you’re trying to spread malware. Last week, the developers of the popular Twitter application TweetDeck notified users that due to changes in the authentication protocols Twitter supports, users of older versions will have to upgrade. Naturally, cybercriminals latched onto this bit of news and sent out their own Tweets saying…
Read MoreAn independent group of security researchers has announced that they will be releasing zero-day vulnerabilities, Web application vulnerabilities, and proof-of-concept (POC) exploits for patched vulnerabilities throughout the month of September. Many high-profile vendors such as Adobe, Apple, Microsoft, and Mozilla are among those whose products will apparently have vulnerabilities revealed during the month. According to…
Read MoreDespite the consistent media exposure that FAKEAV malware has been receiving, it continues to be business as usual for FAKEAV proponents. To find out why the notorious malware family persists, Trend Micro researchers looked into three important aspects—social engineering techniques, the FAKEAV technology, and the FAKEAV business itself. Social Engineering Social engineering is a technique…
Read MoreOver the weekend, Microsoft issued a new security advisory which covered a vulnerability in how Windows handles DLL files. The attack scenario would go this way: a vulnerable application would be used to open a file. The opened file can be a perfectly legitimate file; however the malicious file must be located in the same…
Read MoreA spammed message supposedly from Newegg, a popular online computer hardware/software seller has been found in the wild. It informs users that their online purchase has been charged to their Visa card. It also contains two clickable links that point to the same malicious page, an example of which is http://{BLOCKED}nthenet.net/1.html. Clicking the link leads…
Read More