Latest Posts | Page 137

Recently, a new trojan named Android/Fakemart caught our attention as it is operating in France, where our EMEA labs are located. The malware poses as a Winamp Pro application or a Black Market application (Black Market is an alternative to Android's Google Play market) but has none of its functionalities. Instead, it sends SMS messages to premium phone numbers - at the victim's expense - and contacts a few remote servers. See details here. Sending SMS to premium phone numbers is a common method among mobile malware to make money. At one point... [Read More]
by RSS Axelle Apvrille  |  Sep 03, 2012  |  Filed in: Security Research
Organizations these days have their hands full with security and management challenges brought about by the Bring Your Own Device phenomenon. But why stop at devices? Good question. In fact, the same culture of innovation and self-reliance, spurred by BYOD, has increasingly translated to applications. And as such, users are pushing the trend to its limits by introducing their own applications into the workplace to meet their needs. The burgeoning Bring Your Own Application (BYOA) trend appears to be a natural and logical extension of BYOD--and... [Read More]
by RSS Stefanie Hoffman  |  Aug 31, 2012  |  Filed in: Industry Trends
As I fly home from VMworld 2012, my head is still spinning from many discussions about virtual servers, VM licensing, VDI, Infrastructure as a Service (IaaS) and the cloud in general. The show was a different one for me – it was my first VMworld. Usually, I attend security oriented shows. VMworld was an exciting look into the IT side of the house. What is happening in the world of servers and infrastructure? I cut my teeth in IT as a Novell Netware admin in 1994. Talk of networks and servers still bring up a bit of nostalgia – memories of... [Read More]
by RSS Rob Ayoub  |  Aug 31, 2012  |  Filed in: Industry Trends
Tim Strazzere's Android CrackMe It's Android challenge time, and Tim Strazzere provided an interesting Android CrackMe at BlackHat. As he agreed to my posting about it, here's my spoiler/solution below. The package is named droid-with-a-big-ego.apk and APKTool and Baksmali have difficulties processing it: I: Baksmaling... Exception in thread "main" org.jf.dexlib.Util.ExceptionWithContext: The header size is not the expected value (0x70) at org.jf.dexlib.Util.ExceptionWithContext.withContext( I worked around... [Read More]
by RSS Axelle Apvrille  |  Aug 23, 2012  |  Filed in: Security Research
A couple of months ago, a neighbor was chatting with me about a new miracle antivirus application that he got from a friend. He told me that it works great and frequently captures a lot of viruses on his computer. His only complaint was that he had to pay every time the software purged his computer of the malware. I almost didn’t have the heart to tell him that the magical virus eliminator he was referring to is in fact, what is known in the security industry as fake AV or Rogue AV. There are many versions of fake AV currently circulating on... [Read More]
by RSS Raul Alvarez  |  Aug 16, 2012  |  Filed in: Industry Trends
It's no secret that these days, most organizations are up to their ears in Big Data--and most can't get rid of it fast enough. (Just think tens of millions of computers, housing every piece of data imaginable, from credit card and band records, to healthcare information and blue prints, ripe for the picking in a veritable digital wasteland.) Consequently, business intelligence and analytics, especially with the aim of conducting some type of information triage, is becoming a booming business as organizations madly scour their systems to shed their... [Read More]
by RSS Stefanie Hoffman  |  Aug 15, 2012  |  Filed in: Industry Trends
If someone asked me when I was a Unix Admin, would I be here in 12 years time pontificating about password security, I would have said no chance, as by then we will have cracked (pun intended) the problem of insecure passwords. I would also have been severely wide of the mark. Even Spielberg was more accurate with his Back to the Future prediction of hoverboards (#Ref 1). Sadly since then the situation has not changed. As a part time Unix admin in those days for a bet (and with the blessing of the department I might add), I ran John the Ripper... [Read More]
by RSS Carl Windsor  |  Aug 07, 2012  |  Filed in: Industry Trends
Fortinet's Derek Manky and Network World's Keith Shaw talk about the latest security threats. This month, they talk about SCADA, exploits in Microsoft Gadgets and Sidebar, and looming mobile exploits via Android and other platforms. [Read More]
by RSS Rick Popko  |  Aug 06, 2012  |  Filed in: Industry Trends
date: 2014-05-01 01:00:00 -0700 category: "Security Research" [ This article originally appeared in Virus Bulletin ]( [ For Part 1 of this article Click Here ]( Sality has been around for many years, yet it is still one of today's most prevalent pieces of malware. Last month, we described Sality's algorithm, showing the strengths of its encryption, how it uses the stack as temporary memory for code manipulation, and... [Read More]
by RSS Raul Alvarez  |  Jul 30, 2012  |  Filed in: Security Research
date: 2013-10-14 06:00:00 -0700 category: "Security Research" Final panel on collateral damage in cyber-warfare This post is the third in a three part series. Click here for Part 1 and here for Part 2 Fabio Assolini, Andrey Makhnutin - PAC - the Problem Auto Config (or stealing bank accounts with a 1KB file) Proxy Auto Config are a so big problem in Bresil that Fabio renamed them "Problem Auto Config". They are very small malware which consist in just modifying the proxy server files browsers are meant to use. With Internet Explorer, the proxy... [Read More]
by RSS Axelle Apvrille  |  Jul 30, 2012  |  Filed in: Security Research