The discovery of the first Stagefright vulnerability last July is turning out to be just the beginning of many security concerns for Android users. The latest Nexus security bulletin released earlier this month includes updates for 15 remote code execution vulnerabilities related to libstagefright, all tagged as critical. We discovered four of the mentioned vulnerabilities…
Microsoft released six patches this month, three rated as critical and the remaining as important. The vulnerabilities found in October’s patch update targeted computer accounts with higher access rights, across multiple online and offline platforms. This means computers or laptops with overlapping users or that have multiple access to admin accounts are…
Multiple command-and-control (C&C) servers used by the DRIDEX botnet have been taken down by the Federal Bureau of Investigation (FBI), following the action taken by the National Crime Agency (NCA) in the UK.
US law enforcement officials obtained court orders that resulted in the seizure of multiple servers used by DRIDEX. This crippled the malware’s C&C network, which is used by the malware to send the stolen information to the cybercriminals and to download configuration files that include the list of targeted banks. Furthermore, charges have been made against Andrey Ghinkul, aka Andrei Ghincul and Smilex, the Moldovan administrator of the botnet.
Trend Micro researchers have discovered that the attackers behind Pawn Storm are using a new Adobe Flash zero-day exploit in their latest campaign. Pawn Storm is a long-running cyber-espionage campaign known for its high-profile targets and usage of the first Java zero-day we’ve seen in the last couple of years.
In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events.
Our research into various cybercriminal underground communities has taken us to Japan. The Japanese Underground looks into this growing community, with a particular focus on the items they sell, such as passports, firearms, and child pornography.
Over the years we have tracked cybercrime activity and targeted attacks in Japan. Japan is no stranger to cyber attacks and malware-related incidents, from recent malvertising attacks in early October to EMDIVI malware targeting Japanese companies, and even to banking malware centered in the region in 2014. Despite these incidents and more, our research on the cybercrime underground in Japan shows that the underground economy is still fairly young and small compared with its foreign counterparts.