vulnerability | Page 6


In the United States, families will soon be traveling by plane, train and automobile to be with their loved ones to celebrate the Thanksgiving holiday. Large feasts will be prepared, football games will be viewed, and parades watched. One other great American pastime that, to many, is just as fun and integral to their holiday is the kickoff to the holiday shopping season, which starts with Black Friday and Cyber Monday. People are known to line up for hours and hours in the wee hours of the morning all in the hopes of scoring that killer deal...
by Richard Henderson  |  Nov 24, 2014  |  Filed in: Industry Trends
by Michael Perna  |  Nov 21, 2014  |  Filed in: Industry Trends
by Michael Perna  |  Nov 07, 2014  |  Filed in: Industry Trends
This is a follow-up post on Operation Emmental. If you are not aware of Emmental, please read this white paper, and our previous blog post. I wouldn't deserve to sign my posts as 'the Crypto Girl' if I didn't mention crypto in Android's Emmental malware (Android/Emmental.A!tr.spy) ;) Emmental's code uses Spongy Castle. This is the (famous?) Bouncy Castle crypto library repackaged for Android. It is the first time I encounter the library in mobile malware (but it's possible I missed it in other samples). It also loads an elliptic curve library....
by Axelle Apvrille  |  Oct 30, 2014  |  Filed in: Security Research
by Michael Perna  |  Oct 24, 2014  |  Filed in: Industry Trends
Hackers have been using evasion techniques for years to get malicious payloads past firewalls. Make sure your firewall is set up out of the box to detect these attacks. So-called evasion techniques have been part of the hacker’s toolkit for years. Evasion techniques attempt to confuse, overwhelm, or blind firewalls with unexpected data, letting the bad guys (or bots) circumvent intrusion detection algorithms and launch attacks or sneak malicious payloads past the firewall. Next gen firewalls (NGFWs) are generally designed to, among other things,...
by Chris Dawson  |  Oct 09, 2014  |  Filed in: Industry Trends
A few months ago, Tinba’s source code was leaked in the wild. It is now inevitable that a different and enhanced version of it is out there. Tinba, also known as Tiny Banker, made its debut a couple of years ago. Though it is small, it is capable of doing what its big brothers can do. For more details on some of its features, you can read my article posted on Virus Bulletin. 64-bit Injected Code As expected, we have seen some new changes added to the original malware. Tinba is now capable of injecting its code into a 64-bit running process. The...
by Raul Alvarez  |  Oct 06, 2014  |  Filed in: Security Research
While the Shellshock story is taking the media by storm, and as the reports of exploitation in the wild start to emerge, some questions about the worse-than-heartbleed infamous bug remain unanswered. "Will there be a Slammer-like worm owning half of the Internet within a few hours?", "Besides Apache, DHCP and SSH, are there other ways to remotely set environment variables?", "Has the NSA known about it for 20 years?", "Are iOS and Android vulnerable?"... While here at FortiGuard Labs, we have our own opinion on all of these questions, the one we...
by Guillaume Lovet  |  Sep 26, 2014  |  Filed in: Security Research
by Michael Perna  |  Sep 13, 2014  |  Filed in: Industry Trends
by Michael Perna  |  Aug 29, 2014  |  Filed in: Industry Trends