We recently found a malware that abuses two legitimate Windows files — the command line utility wmic.exe and certutil.exe, a program that manages certificates for Windows — to download its payload onto the victim’s device. What’s notable about these files is that they are also used to download other files as part of its normal set of features, making them susceptible to abuse for malicious purposes.Read More
We discovered a malware family called Maikspy — a multi-platform spyware that can steal users’ private data. The spyware targets Windows and Android users, and first posed as an adult game named after a popular U.S.-based adult film actress. Maikspy, which is an alias that combines the name of the adult film actress and spyware, has been around since 2016.
Multiple Twitter handles were found promoting the Maikspy-carrying adult games and sharing the malicious domain via short links.Read More
2015 has so far been a very busy year for security researchers. The data leaked from Hacking Team shocked many, thanks to the multiple zero-days that were disclosed, as well as emails discussing the unscrupulous trade in exploits and “tools”. Cybercriminals (including exploit kit authors) have been hard at work integrating these newly-discovered flaws into their “products”…Read More
When it was announced that Microsoft Edge would replace Internet Explorer in Windows 10, a lot of members in the tech industry took notice. Internet Explorer has been, admittedly, a well-known target for vulnerabilities for years. We noted that in 2014 alone, a total of 243 memory corruption vulnerabilities in Internet Explorer were disclosed and…Read More
Last week we discussed how Microsoft Edge, the new browser in Windows 10, represented a significant increase in the security over Internet Explorer. However, there are also new potential threat vectors that aren’t present in older versions. Integrated plug-ins Microsoft Edge has now integrated two widely used plug-ins into the browser itself: Adobe Flash and a PDF reader….Read More