social engineering


This is our third week of the roundup, and things in the cyberthreat world continue to be interesting, including the return of several attacks we have seen for years. Here’s a quick summary of what happened this week. 1. It’s Still About Ransomware. While last week’s spike seems to have calmed down, we are still seeing an alarming amount of ransomware. This week our top 10 detections were all Javascript-based variants of Nemucod, with nearly 7 million attempts logged. It seems like attackers are producing a new Nemucod variant... [Read More]
by RSS Bill McGee  |  Sep 09, 2016  |  Filed in: Industry Trends
It was my first time at Hack in Paris, with a single track of talks, but definetely good ones. I'll be highlighting below what struck me the most. You don't hear me but your phones voice interface does (José Lopes Esteves, Chaouki Kasmi) It is possible to inject signal to voice control systems on a phone. That signal, although it won't sound like a voice to human beings - will be interpreted by the voice control system and can be used to remotely command the phone. The authors showed a video where the injected signal... [Read More]
by RSS Axelle Apvrille  |  Jun 24, 2015  |  Filed in: Security Research
Modern malware use every possible vector of attack to infect a system. Emails, which are available to almost everyone, are common carriers. In this type of attack, attackers try to lure users to open malicious attachments that look like documents, but have multiple file extensions, such as “financial.doc.exe”. Most of the time, the user only sees the “financial.doc” filename without the ".exe" extension, which makes it easy to assume that it is a Microsoft Word document. Once the file is clicked and executed, the... [Read More]
by RSS Raul Alvarez  |  Apr 29, 2015  |  Filed in: Security Research
In early November, we experienced an influx of Microsoft Word documents that contained malicious macros. Just when the computer security industry was on the verge of forgetting these oldies, they rose to life once again, proving that they’re not allowing themselves to be eliminated that easily. In June, Ruhai Zhang warned of macro threats that continue to spread, particularly those that use Microsoft Excel. In this blog post, I will go over a family of Microsoft Word macros, detected as WM/Agent!tr, that I have encountered in the past couple... [Read More]
by RSS Sousan Yazdi  |  Jan 06, 2015  |  Filed in: Security Research
Whenever we refer to macro threats, we are reminded of those malicious macros in the old days which infect Microsoft Office documents. Contrary to popular belief, macro threats haven't completely disappeared. Even with many new security features added to Microsoft Office and even with the improvement of people's security consciousness, macro threats still continue to persist. These new macro threats, however, have changed their role from being infectors into droppers that could decrypt/decode/drop/execute the payload. In this way, the payload... [Read More]
by RSS Ruhai Zhang  |  Jun 17, 2014  |  Filed in: Security Research
When Facebook broke all records with its $100 billion IPO, security experts wondered if the news would make it an even bigger target for hackers. But let’s face it, with the world’s largest social network climbing toward a billion users—around one seventh of the global population—it’s a pretty safe bet that it was already wearing a big red X on its back. According to popularity service Alexa.com, Facebook is the second most visited site, after Google and before YouTube, putting it prominently in the line of fire for cybercriminals. And... [Read More]
by RSS Stefanie Hoffman  |  Jun 15, 2012  |  Filed in: Industry Trends
While the next generation of tech has arguably arrived, it is simply a fact now that social networking sites and the blogosphere have become an integrated part of many peoples lives - some may even call them home (at least to their browsers). In 2008, we predicted the wave of spam that would hit these "Web 2.0" platforms as it was a natural target for spam to migrate to after years of living inside of mass mailers. Indeed, throughout the year of 2008 we witnessed a barrage of attacks on these sites: malicious social applications, "Spam 2.0", worms... [Read More]
by RSS Derek Manky  |  Jun 18, 2009  |  Filed in: Security Research
Our March 2009 Threat Landscape Report is now available, recapping a month of threat activity from exploits and malware, to spam. Here are some key movements from the report along with comments: After a year long battle, W32/Virut.A finally lands in top spot - surpassing Netsky. This parasitic file infector proves to be quite virulent, and has generated enough activity to land in our malware top 10 for twelve solid months. On top of infecting multiple local files on a PC, the virus can spread through file shares and/or removable media such as USB... [Read More]
by RSS Derek Manky  |  Mar 27, 2009  |  Filed in: Security Research