Angler Exploit Kit Has Compromised Over 90,000 Websites

Exploit Kits (EK), arguably the most impactful malicious infrastructure on the Internet, constantly evolve to evade detection by security technology. Tremendous effort has been spent on tracking new variations of different EK families. In this report, we look at an EK from an operational point of view. Specifically, we have been tracking the activity of the notorious Angler Exploit Kit and have uncovered traces of what we believe to be a large underground industry behind this EK.

Key findings:
  • Detected over 90,000 compromised websites involved in Angler’s operation.
  • Discovered a highly organized operation that periodically updates the malicious content across all of the compromised websites and all of the EK gate sites at the same time. 
  • Discovered fine-grained control over the distribution of malicious content.
  • Found potential connections between activities of scanning vulnerable websites and leveraging scanned websites as entry point for the EK.

Adobe e-book reader spyware

The publishing world may finally be facing its "Rootkit scandal." Two independent reports claim that Adobe's e-book software, "Digital Editions," logs every document readers add to their local "Library," tracks what happens with those files, and then sends those logs back to the mother-ship, over the Internet, in the clear.

Read more »
Tags: , , , ,

25 new SSL Certificates from Comodo, GeoTrust & RapidSSL

SSL certificate provider GetSSL.me has expanded their product list with 25 new SSL certificates from Comodo, GeoTrust and RapidSSL. 

To provide the best security for every situation GetSSL.me offer Domain, Business and Extended validation SSL certificates. The variation is between regular, wildcard and even multi-domain certificates.

Prices are low as usual which means that client can save up to 85% off regular price.

See the certificate list yourself on GetSSL homepage.


Tags: , , ,

Introducing with IntroSpy

iOS

The Problem


In 2013, assessing the security of iOS applications still involves a lot of manual, time-consuming tasks - especially when performing a black-box assessment. Without access to source code, a comprehensive review of these application currently requires in-depth knowledge of various APIs and the ability to use relatively complex, generic tools such as Cycript, or Mobile Substrate - or just jump straight into the debugger.

To simplify this process, we are releasing Introspy - an open-source security profiler for iOS. Introspy is designed to help penetration testers understand what an application does at runtime.

How Introspy works


The tool comprises two separate components: an iOS tracer and an analyzer.

The iOS tracer can be installed on a jailbroken iOS device. It will hook security-sensitive APIs called by a given application, including functions related to cryptography, IPCs, data storage / protection, networking, and user privacy. The call details are all recorded and persisted in a SQLite database on the device

This database can then be fed to the Introspy analyzer, which generates an HTML report displaying all recorded calls, plus a list of potential vulnerabilities affecting the application.

Tags: ,

Android now 'mobile world's equivalent' of Windows for hackers

Android now 'mobile world's equivalent' of Windows for hackers
Android platform
CSO - The capabilities of malware targeting the market-leading Android platform are mimicking those of Trojans that have wrung profits from Windows PC users for years, a new study shows.

With nearly an 80 percent market share, Android's mobile dominance parallels Windows in the PC world, making Google's operating system the "mobile world's equivalent," Kaspersky Lab said in its latest Threat Evolution report, released on Thursday.

The difference between Windows and Android malware is that the latter is evolving much quicker, as criminals borrow from what they learned in targeting PCs since the 1990s.

"The evolution of Android malware has gone much more quickly than the evolution of Windows malware," Roel Schouwenberg, a senior researcher for Kaspersky Lab, toldCSOonline.

Tags: , , , , , ,
Subscribe to: Posts (Atom)