Phishers appear to have concentrated their fire on a relatively new target: Apple IDs. In recent days, we’ve seen a spike in phishing sites that try to steal Apple IDs. Upon looking at the URLs, we noted that there was a consistent pattern to the URLs of these phishing sites. They are under a folder…
Additional text and analysis by Kyle Wilhoit
Throughout 2012, we saw a wide variety of APT campaigns leverage an exploit in Microsoft Word (CVE-2012-0158). This represented a shift, as previously CVE-2010-3333 was the most commonly used Word vulnerability. While we continue to see CVE-2012-0158 in heavy use, we have noticed increasing use of an exploit for…
The whole idea of Big Data brings with it its own special tools and frameworks that are needed to manage the truly enormous mountains of data that are generated, analyzed, and correlated. One of the frameworks that has found success in Big Data is Hadoop, which is managed by the Apache Foundation. Hadoop is used…
Using encrypted communication like Secure Sockets Layer (SSL) along with the clever use of a recent news item as a social engineering lure is the perfect combination to penetrate and remain in a targeted entity’s infrastructure. It didn’t take long for targeted attacks to use last week’s Boston Marathon bombing as bait to trick predetermined…
Noted for its stealth routine, PlugX and its developers now appear to be using several legitimate applications, in particular those used by Microsoft, Lenovo, and McAfee, in an effort to remain under the radar. PLUGX variants are known for their use of normal applications to load their malicious .DLL components. This .DLL hijacking technique is…