Security by Passion !
On Febrauary 15th, Kickstarter sent an email to its customers and published a news on its blog about a data breach on kickstarter. The accessed information includes usernames, email addresses, mailing addresses, phone numbers and encrypted passwords. The sophistication on the hacker is not known yet but its possible that passwords can be extracted by […]
Recently a zero day vulnerability in Internet Explorer was discovered(CVE-2014-0322)). Researchers from Fireeye has identified that hackers are using this vulnerability in targeting US military personals. Furthermore they also suspect that this may be a very strategic campaign (Operation Snowman) during the President’s day weekend. FireEye researchers observed drive-by-download attack which alters HTML code of the […]
Its almost sounded unbelievable when Kaspersky research published a cyber espionage APT campaign MASK (Careto) that’s been running in the wild since 2007, undetected, targeting 31 countries. The complexity of the tools used for MAST by the attackers are very sophisticated which makes its very special. This includes an extremely sophisticated piece of malware, a […]
Bradley Williams, a security researcher has discovered a vulnerability in iOS 7 that can allow the disabling of ” Find My iPhone” without having to enter a password. This new vulnerability allows someone who has access to your i-phone to quickly disable “Find My iPhone” service, which is used to track the location of all registered […]
Jamie Sanchez, a security researcher discovered a vulnerability within Snapchat mobile app which can crash your iphone by Denial of Service attack. The vulnerability can enable a hacker to launch DoS attacks which can potentially crash a users phone or requires that the user perform a hard reset. He further says with a video that […]
Researchers from Kaspersky discovered a Brazilian Java Trojan that spreads via phishing email. Dmitry Bestuzhev explains that he never owned a Playstation but received an email with an attachment with a unusual ways of spreading Trojan bankers via .Jar files ( 14KB). It appeared to be a strange Trojan because even if a user just clicks on a .jar […]
Its very common lately for sites spreading malware from ads. The ad which are served from Google and Microsoft may relie on third party syndication may potentially be compromised which may lead to malware distribution. A similar incident happened as reported by Kaspersky that the largest website of sweden was spreading scare-ware to its users. […]
Adobe released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux and OS X, the exploitation of which can result in an attacker gaining remote control of the compromised systems. The security flaw exists in Adobe Flash Player 12.0.0.43 and earlier versions Adobe thanks Alexander Polyakov and Anton Ivanov of Kaspersky Labs […]
Peter Gramantik, a malware researchers from Sucuri has discovered a new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. This injection makes it very harder for antivirus detection because the injection method is deeply engrained in the image’s metadata. This iframe can be seen […]
GameOver Zeus is a notorious malware family that makes fraudulent transactions from your bank accounts from the infected host. A new variant of GameOver Zeus uses encryption to hide itself while propagation which makes it almost impossible to be detected by modern day antivirus. The malware encrypts itself so well that it can pass the […]