Latest Posts | Page 126

Despite Trend Micro’s history of patent aggression, reliable sources are indicating that Trend’s patents at issue may be invalid, which is a positive development for Fortinet. In December 2010, the United States Patent and Trademark Office (US PTO) issued office actions on the two related Trend Micro patents (5,623,600 and 5,889,943), rejecting every claim as invalid. This finding is consistent with the opinion of the staff attorney at the International Trade Commission in the Barracuda Networks case that Trend’s ‘600 patent is invalid. Despite...
by Patrick Bedwell | Apr 01, 2011 | Filed in: Security Research
We often have requests on mobile malware statistics, and although statistics are only an imperfect representation of reality, this is what we can share. Those statistics only concern malware which runs on mobile phones (hybrid malware which runs on a PC and sends SMS does not count, for instance) and the results are for malware families, i.e. a group of samples which are 'similar' and, yes, unfortunately, this is quite subjective. Reminder: a family is then divided into several variants. And each individual malicious package is called a sample. We haven't...
by Axelle Apvrille | Mar 28, 2011 | Filed in: Security Research
Last week we attended Insomni'Hack 2011, where our Crypto Girl (Axelle Apvrille) presented on mobile phone threats. Debriefings of the conference may be found here and there. Both blog authors highlighted the main goal of Axelle's talk, which was to raise awareness about existing threats on smartphones. Mobile phones had already been targeted for a long time (by applications sending SMS, for instance) but recently (for approximately one year) they have been hit by more advanced attacks - probably with the help of cybercriminal organizations. Their...
by Alexandre Aumoine | Mar 18, 2011 | Filed in: Security Research
Android devices continue to be the target of malware authors with Android/Fake10086.A!tr. AegisLab spotted this malicious Trojan in the wild in China and posted an interesting write-up on the matter. In brief, Android/Fake10086.A!tr looks like a handy hotel reservation application (e.g. com.hotel apk), but in the background it communicates with a remote web server and blocks some incoming SMS messages. Most noticeably, Fake10086 blocks SMS messages coming from 10086, the customer service portal of a leading Chinese telecom operator - presumably...
by Axelle Apvrille | Mar 10, 2011 | Filed in: Security Research
This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proofs of concept, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex...
by Guillaume Lovet | Mar 10, 2011 | Filed in: Security Research
CanSecWest 2011 starts today in Vancouver, BC. The famous conference - which hosts the equally famous Pwn2Own contest - gathers some of the top security researchers in the world, addressing topics such as exploitation techniques (e.g. the presentation on Stale Pointers by the Zynamics guys), fuzzing, gaming console security, embedded systems... Collin Mulliner will apparently elaborate on wide-scale implications of his SMS-of-death attack, while Dan Kaminsky is set to wrap up ten years of security improvements... or lack thereof. The complete program...
by Guillaume Lovet | Mar 09, 2011 | Filed in: Security Research
We are pretty busy these days with malicious samples on Android. You probably haven't missed DroidDream (Android/DrdDream.A!tr), which trojaned several applications on the Android Market, and several blog posts on the matter: Lookout explains how the malware was discovered, which applications it targets and whether you should be concerned or not. By the way, we thank them for sharing samples with us. AndroidPolice explains the malware uses the rageagainstthecage root exploit, and that malicious applications have been pulled out of the market. Kaspersky...
by Axelle Apvrille | Mar 03, 2011 | Filed in: Security Research
Is Symbian still the leader for smartphone operating systems or not? How far have Android and iPhones penetrated the market? Who's the leader for smartphone OS: Symbian? BlackBerry? Android? iPhone? A quick search on the Internet provides quite opposite results, and I decided to find out why. There is no official definition of what a smartphone is compared to a feature phone. Steve Litchfield already mentioned the fact in an interesting article and lists several definitions: a phone that can be extended with hundreds of add-on applications; a phone...
by Axelle Apvrille | Mar 01, 2011 | Filed in: Security Research
Keith Shaw, programming director at Network World, and Derek Manky, senior security strategist at Fortinet, discuss the rise of mobile malware that is being seen as more mobile devices and operating systems penetrate the enterprise. The 12-minute podcast also talks about a new form of the Zitmo and SpyEye botnets that the FortiGuard Labs have been studying.
by Rick Popko | Feb 28, 2011 | Filed in: Security Research
Zitmo is a mobile malware Fortinet has particularly been focusing on since the beginning (see our first blog post and my presentation at ShmooCon 2011) as it is one of the first palpable signs organized criminals show interest in infecting mobile phones. As you may know (see F-Secure and Kaspersky's blog posts), it is unfortunately back, with a new version. So, technically speaking, what's new? It now supports Windows Mobile phones too. Not only Symbian (there were rumors concerning a BlackBerry version - never confirmed). The default phone number...
by Axelle Apvrille | Feb 23, 2011 | Filed in: Security Research