Saturday, February 28, 2015

Video: Vitaly Kamluk on The Equation Group APT Secure Hunter

Kaspersky Lab researcher Vitaly Kamluk discusses the Equation Group, claiming it is the most sophisticated advanced persistent threat group in the world.

Threatpost | The first stop for security news

Secure Hunter Anti-Malware



The post Video: Vitaly Kamluk on The Equation Group APT Secure Hunter appeared first on Secure Hunter Anti-Malware.






http://ift.tt/18xyGSK

Secure Hunter

Friday, February 27, 2015

Pharming Attack Targets Home Router DNS Settings Secure Hunter

A pharming attack has been detected targeting home routers distributed from Brazil’s largest telco, a rare instance of a web-based attack changing DNS settings in order to redirect traffic.

Threatpost | The first stop for security news

http://ift.tt/1LT70nv

Thursday, February 26, 2015

Ransomware Looming As Major Long-Term Threat Secure Hunter

On May 30, 2014, law enforcement officials from the FBI and Europol seized a series of servers that were being used to help operate the GameOver Zeus botnet, an especially pernicious and troublesome piece of malware. The authorities also began an international manhunt for a Russian man they said was connected to operating the botnet, […]

Threatpost | The first stop for security news

http://ift.tt/1BjoEzy

Wednesday, February 25, 2015

Ramnit Botnet Shut Down Secure Hunter

Europol and several private technology companies announced the overnight takedown of the command and control infrastructure supporting the Ramnit botnet.

Threatpost | The first stop for security news

http://ift.tt/1BwA58G

Tuesday, February 24, 2015

Attacks Against Critical Infrastructure Seek Operational Intelligence Secure Hunter

Advanced attacks against industrial control systems are intelligence-gathering operations aimed at learning the inner workings of ICS infrastructure in order to facilitate sabotage.

Threatpost | The first stop for security news

http://ift.tt/1GqK3qB

Monday, February 23, 2015

Mike Mimoso on SAS 2015 Secure Hunter

Dennis Fisher and Mike Mimoso discuss their takeaways from the SAS 2015 conference, including the Equation Group APT analysis, hacking car washes, indexing the dark web and hacking home appliances.

Threatpost | The first stop for security news

http://ift.tt/1EKkEXP

Friday, February 20, 2015

Costin Raiu on the Equation Group APT Secure Hunter

Dennis Fisher talks with Costin Raiu of the Kaspersky Lab GReAT team about the researcher behind the Equation Group campaign, the group’s capabilities and why they seem to have gone dark now.

Threatpost | The first stop for security news

http://ift.tt/1z5VM80

Tuesday, February 17, 2015

Tracking Malware That Uses DNS for Exfiltration Secure Hunter

Attackers have long used distributed denial of service attacks to knock domain-name servers offline, but over the last several months malware creators have taken to using DNS requests to tunnel stolen data.

Threatpost | The first stop for security news

http://ift.tt/1vUeiWk

Hackers’ Op-Sec Failures Important Clues to Uncover APT Gangs Secure Hunter

At the Security Analyst Summit, a researcher from PwC explained how some huge operational security failures on the part of APT gangs helped uncover those behind attacks.

Threatpost | The first stop for security news

http://ift.tt/1L88Bau

Monday, February 16, 2015

Massive, Decades-Long Cyberespionage Framework Uncovered Secure Hunter

CANCUN–Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years and has worked with and supported the attackers behind Stuxnet, Flame and other highly sophisticated operations.

Threatpost | The first stop for security news

http://ift.tt/1EiGMbm

Sunday, February 15, 2015

Carbanak Ring Steals $1 Billion from Banks Secure Hunter

The Carbanak cybercrime gang could be responsible for stealing up to $1 billion from as many as 100 banks in 30 countries, researchers at Kaspersky Lab said.

Threatpost | The first stop for security news

http://ift.tt/1L2nM58

Friday, February 13, 2015

Spat Leads to Partial Leak of Rig Exploit Kit Secure Hunter

A reseller of the Rig Exploit Kit has leaked some of the source code behind the pack after parting ways with the kit’s developer. Experts don’t expect a spike in Rig-based attacks.

Threatpost | The first stop for security news

http://ift.tt/1FJ0r5w

Thursday, February 12, 2015

Microsoft steps up in industry efforts on mitigating false positives

Antimalware vendors write signatures so that their products can detect and take action on malicious files. Every once in a while, a signature also detects a clean file – a file that doesn’t do anything malicious at all. The antimalware industry calls this a “false positive”, also referred to as an “incorrect detection”. It’s not pretty when an application or program is flagged as a false positive – users can’t run the program, customer support for that program gets deluged with calls, and the detecting antimalware product takes a reputation hit. Like other antimalware vendors, we continuously work, both as a software development company and as a provider of antimalware solutions, to minimize the chances that we, our partners, or our customers encounter a false positive.


As part of this effort, we have been working closely with our partner VirusTotal – a well-known, reputable and industry-vetted online security portal where antimalware and security industry researchers, law enforcement organizations and customers can submit files and check for the presence of malicious code.


The result of this collaboration is something really exciting: VirusTotal has announced and released a new feature, called “Trusted source”. This feature tells the user with utmost confidence that a file can be trusted if it meets the “Trusted source” criteria. And the first “Trusted source” feeding into this effort, we’re proud to say, is Microsoft via our Microsoft Clean-File Metadata. Now, if a user uploads a file to VirusTotal, and VirusTotal sees that the file metadata is part of Microsoft Clean-File Metadata, then VirusTotal returns this:


[Image: VirusTotal message confirming safe file]


This can also be seen in the Additional Information tab:


[Image: VirusTotal additional information message]


This feature is now live for everyone to use.


The other use of this feature is that any time an antimalware solution detects a file marked as coming from a trusted source, such as Microsoft, VirusTotal informs the antimalware provider, shortening the time frame for the antimalware provider to address the problem.


With that said, we believe this feature is, and will continue to be, of huge value to the industry as well as to Microsoft customers, and further improvements can be expected from our continuous collaboration with VirusTotal and the industry. We encourage other software development companies to participate in VirusTotal’s initiative.


Ivan Macalintal





Microsoft Malware Protection Center

http://ift.tt/1CkUDxX

Cryptowall 3.0 Slims Down, Removes Exploits From Dropper Secure Hunter

Research from Cisco on Cryptowall 3.0 ransomware shows that exploits have been removed from the dropper, indicating that the group behind it will rely instead on exploit kits.

Threatpost | The first stop for security news

http://ift.tt/1AtBhrh

Facebook ThreatExchange Platform Latest Hope for Information Sharing Secure Hunter

Facebook announced ThreatExchange, an API-based platform for the exchange of attack and threat data.

Threatpost | The first stop for security news

http://ift.tt/1Ar2WJl

Tuesday, February 10, 2015

New Cyber Threat Center May Face Challenges Secure Hunter

In the wake of news-making attacks on Sony Pictures, Home Depot and many others, the federal government is establishing a new information integration center to focus on cyber threats.

Threatpost | The first stop for security news

http://ift.tt/197eg31

Friday, February 6, 2015

Analyzing Angler: The World’s Most Sophisticated Exploit Kit Secure Hunter

Angler’s unique obfuscation, ability to detect antivirus and virtual machines, encrypted payload and fileless infection have some calling it the most sophisticated exploit kit.

Threatpost | The first stop for security news

http://ift.tt/1Fgxnlz

Thursday, February 5, 2015

Flash Zero Days Dominate Exploit Landscape Secure Hunter

The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.

Threatpost | The first stop for security news

http://ift.tt/1KhQIWr

Wednesday, February 4, 2015

Latest Flash 0Day Under Attack; Possible Ties to Group Behind Angler EK Secure Hunter

The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.

Threatpost | The first stop for security news

http://ift.tt/16CbwcX

New Banking Trojan Targets Android, Steals SMS Secure Hunter

A relatively new Android Trojan that specializes in stealing banking information by intercepting SMS messages has been making the rounds.

Threatpost | The first stop for security news

http://ift.tt/1LLxVEk

Tuesday, February 3, 2015

1,800 Domains Overtaken by Flash Zero Day Secure Hunter

Researchers at Cisco say that a Flash zero day exploit has compromised 1,800 domains, the majority of those during a 48-hour period last week.

Threatpost | The first stop for security news

http://ift.tt/1F3Br8x

Another Flash Zero Day Emerges Secure Hunter

For the third time in the last couple of weeks, Adobe is dealing with a zero day vulnerability in Flash. The company is working on a patch for another Flash bug that is being exploited in drive-by download attacks. Adobe officials released an advisory Monday warning users that attackers are exploiting a new vulnerability in […]

Threatpost | The first stop for security news

http://ift.tt/1zxv77z

Monday, February 2, 2015

Female Skype Avatar Sinks Syria Opposition Fighters Secure Hunter

A cyberespionage campaign pulled off by pro-Syrian hackers against Assad opposition fighters used social engineering to steal military planning documents.

Threatpost | The first stop for security news

http://ift.tt/1BQE7D7