One of the bulletins that was part of the October 2014 Patch Tuesday cycle was MS14-063 which fixed a vulnerability in the FAT32 disk partition driver that could allow for an attacker to gain administrator rights on affected systems, with only a USB disk with a specially modified file system. This vulnerability as also designated…
Read MoreA new Shellshock attack targeting SMTP servers was discovered by Trend Micro. Attackers used email to deliver the exploit. If the exploit code is executed successfully on a vulnerable SMTP server, an IRC bot known as “JST Perl IrcBot” will be downloaded and executed. It will then delete itself after execution, most likely as a…
Read MoreMalicious browser extensions bring about security risks as these often lead to system infection and unwanted spamming on Facebook. Based on our data, these attacks have notably affected users in Brazil. We have previously reported that cybercriminals are putting malicious browsers in the official Chrome Web store. We also came across malware that bypasses a Google security…
Read MoreWe have been continuously monitoring the FlashPack exploit, especially with the recent attack which affected Japanese users. We recently looked at our Smart Protection Network feedback and found in a new development that majority of the infected systems of FlashPack exploit came from the U.S. Figure 1. Top infected countries for the FlashPack exploit (based on feedback…
Read MoreCybercriminals and attackers are leveraging Google Drive site and brand to go under the radar and avoid detection. Just last week, a targeted attack uses Google Drive as a means into getting information from its victims. This time, phishers are using a modified version of the legitimate Google Drive login page to steal email credentials. This attack…
Read More