Another in our occasional series demystifying Latin American banking trojans In this installment of our series, we introduce Grandoreiro, a Latin American banking trojan targeting Brazil, Mexico, Spain and Peru. As such, it shows unusual effort by its authors to evade detection and emulation, and progress towards a modular architecture. We have seen Grandoreiro being … More Grandoreiro: How engorged can an EXE get?
Fortune 100 companies could be open to hackers after a security vulnerability was discovered in widely used server software, security researchers have said. The discovered weakness would allow hackers to remotely run code on servers that utilize the REST plugin from Apache Struts, and it is reported that all versions since 2008 are affected. Due to the … More Critical security flaw leaves Fortune 100 firms vulnerable
The infamous exploit packs Blackhole and Nuclear Pack now feature a new zero-day Java exploit that exploits the Java vulnerability CVE-2013-0422. The latest version of Java 7 Update 10 is affected. Malware spreading through drive-by-downloads often utilizes exploit packs, which are able to serve malware variants without any user interaction, as opposed to other techniques … More Java 0-Day Exploit CVE-2013-0422
Now is the time to disable Java in your web browser, or even remove it from your system if that is practical. Why? The bad guys are hard at work trying to exploit a zero day vulnerability in the latest version of Java (version 1.7, Update 6.). This vulnerability is the subject of a US-CERT … More Java zero day vulnerability = time to disable Java, in your browser at least
Twitter’s controversial decision to reveal an anonymous user’s identity is a wake-up call to social media users everywhere that they really have to think twice before posting. Remember the old sayings, “there’s many a slip between cup and lip” or “loose lips sink ships”? Many of us grew up in an age where discretion was … More CyberThreats Daily: As Twitter reveals a user’s identity, what now for free speech?