Early this year, Trend Micro researcher Kyle Wilhoit observed an increase in the use of AutoIt in several hacker tools and malware, which were typically uploaded on sites like Pastebin and Pastie. In the said blog post, Kyle noted that because of AutoIt’s easy-to-learn language, we can expect more threat actors to incorporate this scripting language in their…
Read MoreWe recently came across a CryptoLocker variant that had one notable feature—it has propagation routines. Analysis of the malware, detected as WORM_CRILOCK.A, shows that this malware can spread via removable drives. This update is considered significant because this routine was unheard of in other CRILOCK variants. The addition of propagation routines means that the malware can…
Read MoreThis article, recently published in the Journal of Communications, adds another log to the BadBIOS fire. It has been stated that devices in the BadBIOS case are communicating across an air-gap with commodity PC audio hardware. This paper clearly spells out one workable way to communicate in this way. Even if this doesn’t end up…
Read MoreWe recently noticed that there has been an increase in spammed messages that use airline information as bait. These messages are made to look like notifications from airlines such as Delta Airlines, British Airways, US Airways, and American Airlines. Each message comes with an attachment—often in the form of a fake e-ticket—that recipients are supposed…
Read MoreRecently Google announced that it had changed its policy dealing with images in email. In a blog post on the official Gmail blog, Google said: [You’ll] soon see all images displayed in your messages automatically across desktop, iOS and Android. Instead of serving images directly from their original external host servers, Gmail will now serve…
Read More