Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Tuesday, December 03, 2013
Summarizing Webroot's Threat Blog Posts for November
The following is a brief summary of all of my posts at Webroot's Threat Blog for November, 2013. You can subscribe to Webroot's Threat Blog RSS Feed, or follow me on Twitter:
01. Google-dorks based mass Web site hacking/SQL injecting tool helps facilitate malicious online activity
02. Deceptive ads lead to the SpyAlertApp PUA (Potentially Unwanted Application)
03. Cybercriminals differentiate their ‘access to compromised PCs’ service proposition, emphasize on the prevalence of ‘female bot slaves’
04. New vendor of ‘professional DDoS for hire service’ spotted in the wild
05. Source code for proprietary spam bot offered for sale, acts as force multiplier for cybercrime-friendly activity
06. Low Quality Assurance (QA) iframe campaign linked to May’s Indian government Web site compromise spotted in the wild
07. Popular French torrent portal tricks users into installing the BubbleDock/Downware/DownloadWare PUA (Potentially Unwanted Application)
08. Web site of Brazilian ‘Prefeitura Municipal de Jaqueira’ compromised, leads to fake Adobe Flash player
09. Malicious multi-hop iframe campaign affects thousands of Web sites, leads to a cocktail of client-side exploits
10. Vendor of TDoS products/services releases new multi-threaded SIP-based TDoS tool
11. Cybercriminals spamvertise tens of thousands of fake ‘Sent from my iPhone’ themed emails, expose users to malware
12. Fake ‘Annual Form (STD-261) – Authorization to Use Privately Owned Vehicle on State Business’ themed emails lead to malware
13. ‘Newly released proxy-supporting Origin brute-forcing tools targets users with weak passwords’
14. Fake WhatsApp ‘Voice Message Notification’ themed emails expose users to malware
15. Cybercriminals impersonate HSBC through fake ‘payment e-Advice’ themed emails, expose users to malware
16. Fake ‘MMS Gallery’ notifications impersonate T-Mobile U.K, expose users to malware
17. Fake ‘October’s Billing Address Code’ (BAC) form themed spam campaign leads to malware
This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment