Security Essentials now detects the new “killapache.pl” script

August 25, 2011 – 5:47 AM

MS Security Essentials is already detecting the killapache Perl script that’s floating around the Full Disclosure mailing list. This is one more reason that I love this AV program and strongly recommend it for all Windows users.

Google+ Gets a “+1” for Browser Security

August 21, 2011 – 11:33 AM

Launching a new Web app today comes with a few certainties, and one of them is, “I will be a target for hackers” for sure. So when an app as large and as high profile as Google+ launches, it will surely be one of the top targets for malicious activity. This happened to Facebook the more popular it grew, and it still is a favorite platform for malicious activity. I did some analysis of the HTTP traffic between Google+ and the browser and found that Google is off to a good start with regard to browser security.

Source:
http://www.barracudalabs.com/wordpress/index.php/2011/07/21/google-gets-a-1-for-browser-security-3/

DeBank tool claims to detect all major banking trojans

August 18, 2011 – 8:19 PM

Security company Damballa has revealed that the source code for SpyEye, one of the most dangerous banking Trojans around, has been leaked online. That is good for researchers, as they can better understand how it works. But it also means that a malware kit which used to cost more than $10,000 is now available for free, so it is expected to become an even more pervasive threat in the next few weeks.

No need to panic just yet, though, as coincidentally Finnish security company Fitsec has just released DeBank, a portable tool which can detect the presence of all five major banking Trojan families on the target PC: SpyEye, Zeus, CarBerp, Gozi and Patcher.

You probably have an antivirus package which will claim to do much the same thing already, but since all these malware variants are particularly good at avoiding close scrutiny, it makes sense to have something which can offer a second opinion. And DeBank does have a particular advantage, in that it doesn’t use conventional signature checks, a technique which can be bypassed simply by packing the malware in a different way. Instead, the program scans process memory for chunks of code belonging to each malware family, a much more reliable approach.

Source:
http://news.hitb.org/content/debank-tool-claims-detect-all-major-banking-trojans

Facebook releases official Guide to Facebook Security

August 18, 2011 – 8:13 PM

Facebook today released the Guide to Facebook Security, a free handbook aiming to educate parents, teachers, and young adults on how to keep their Facebook accounts safe. You can download it now from the Facebook Safety Center.

The 20-page guide was written by former Symantec internet safety expert Linda McCarthy, Purdue University security researcher Keith Watson, and teacher/editor Denise Weldon-Siviy.

Source:
http://news.hitb.org/content/facebook-releases-official-guide-facebook-security

Can we believe our eyes?

August 16, 2011 – 11:40 PM

Several days ago, one of our customers submitted a sample (SHA1: fbe71968d4c5399c2906b56d9feadf19a35beb97, detected as TrojanDropper:Win32/Vundo.L). This trojan hijacks the hosts “vk.com” and “vkontakte.ru” (both social networking sites in Russia) and redirects them to 92.38.209.252, but achieves this in an unusual way.

Source:
https://blogs.technet.com/b/mmpc/archive/2011/08/10/can-we-believe-our-eyes.aspx