VB Migration

Tag: targeted attack

  • VB2014 preview: Apple without a shell – iOS under targeted attack

    FireEye researchers show a large attack vector for Apple’s mobile operating system. In the weeks running up to VB2014 (the 24th Virus Bulletin International Conference), we are looking at some of the research that will be presented at the event. Today, we look at the paper ‘ Apple without a shell – iOS under targeted…

  • Windows Error Reporting used to discover new attacks

    No excuse for sending error reports in cleartext. All happy programs are the same. But each unhappy program crashes in its own way. In a report published yesterday, security firm Websense has shown how Windows Error Reporting can be used to detect hitherto unknown attacks. Windows Error Reporting was introduced by Microsoft with Windows XP…

  • Macro viruses make a return in targeted attacks

    Macros disabled in modern versions of Office, but enabled within many organisations. A report by the National Cyber Security Center (NCSC, the Dutch CERT) points to a resurgence of macro viruses in targeted attacks. Macro viruses are viruses that are written in a software’s built-in macro language. They were very common in the late 1990s,…

  • Good and bad news for victims of targeted attacks against Microsoft products

    Bug bounty program extended; TIFF zero-day used in the wild. This week, Microsoft has good news and bad news for those targeted by zero-day exploits in its products. The bad news is that a new zero-day exploit has been discovered in a graphics library that is used by Office 2010 . To exploit the vulnerability,…

  • Is publishing your employees’ email addresses such a big deal?

    Beware of a false sense of security. Security blogger Graham Cluley points to hypocrisy in a KPMG press release in which it criticises FTSE 350 companies for ‘leaking data that can be used by cyber attackers’, while making the same mistake themselves. KPMG found that every single company in the FTSE 350 index (the 350…

  • India believed to be source of sophisticated surveillance campaigns

    In-depth investigations find widespread worldwide snooping, Pakistan primary target. Several reports have emerged recently covering a highly organised campaign of targeted espionage malware that has been seen in many countries around the world and stealing data from many industries. Close investigation has provided strong hints that the campaign originated in India, with Pakistan the most…

  • From spear phishing to watering holes

    Symantec reports increase in ‘watering hole attacks’. Imagine that for some reason you wanted to gain access to my computer. One thing you could do is send me an email with some malware attached, or a link to a site serving malware. That is called spear phishing. Spear-phishing is commonly used in targeted attacks; for…

  • Sykipot trojan used to target smart cards

    Defence companies among small number of targets. Researchers at Alienvault have discovered a version of the ‘Sykipot’ trojan that is being used to target organisations that make use of smartcards to control the access of both physical and information systems. The malware is installed onto the victim’s machine via a zero-day vulnerability in Adobe software,…

  • ‘Nitro attacks’ continue

    PoisonIvy trojan sent attached to email warning about the same trojan. Researchers at Symantec report that the ‘ Nitro attacks ‘, which target a number of large companies, many of which are active in the chemical industry, are continuing, using the same methods as before. In the most recent part of this attack, employees of…

  • ‘Son of Stuxnet’ trojan found

    ‘Duqu’ used in targeted attacks to steal specific information. Researchers at both Symantec and McAfee have discovered a new Remote Access Trojan (RAT) with strong links to Stuxnet being used in some highly targeted attacks. The trojan, which has been named ‘Duqu’ after the files with prefix ~DQ it creates, shares source code with Stuxnet…