The discovery (and subsequent media coverage) of the mobile malware OBAD shows that mobile threats continue to be a serious concern for users. Just like Windows malware, mobile malware are also becoming more sophisticated, both in technique and deployment. This confirms one of our 2013 security predictions. OBAD exploits an Android vulnerability to avoid detection and uninstallation….
Read MoreOpera recently disclosed that attackers compromised their network and stole at least one expired Opera code signing certificate. The attackers then used this certificate to sign their malware, which tricked the target system and (even) security software into thinking that the file was legitimate. We obtained a sample of the said malware (which is detected…
Read MoreOur investigation of the June 25 South Korea incident led us to the compromise of an auto-update mechanism attack scenario. As part of our continuous monitoring, we documented another scenario (presented in this blog entry) pertaining to a DDoS attack scenario launched at specific sites. The recent attack against South Korean websites has revealed a…
Read MoreOn Tuesday, South Korea raised the country’s cyber security alarm from level 1 to 3, because of several incidents that affected different government and news websites in South Korea. One of the several attacks related to the June 25 security incident involved the compromise of the auto-update mechanism related to the legitimate installer file SimDisk.exe,…
Read MoreAnother scam site is offering to increase a user’s Instagram followers. Unlike previous attacks, however, these sites require payment – with the amount depending on the number of followers you prefer. Figure 1. Pricelist for Instagram followers Despite the site’s liberal use of the Instagram logo, it has nothing to do with the service. It…
Read More