Tuesday, December 03, 2013

Summarizing Webroot's Threat Blog Posts for November


The following is a brief summary of all of my posts at Webroot's Threat Blog for November, 2013. You can subscribe to Webroot's Threat Blog RSS Feed, or follow me on Twitter:


01. Google-dorks based mass Web site hacking/SQL injecting tool helps facilitate malicious online activity
02. Deceptive ads lead to the SpyAlertApp PUA (Potentially Unwanted Application)
03. Cybercriminals differentiate their ‘access to compromised PCs’ service proposition, emphasize on the prevalence of ‘female bot slaves’
04. New vendor of ‘professional DDoS for hire service’ spotted in the wild
05. Source code for proprietary spam bot offered for sale, acts as force multiplier for cybercrime-friendly activity
06. Low Quality Assurance (QA) iframe campaign linked to May’s Indian government Web site compromise spotted in the wild
07. Popular French torrent portal tricks users into installing the BubbleDock/Downware/DownloadWare PUA (Potentially Unwanted Application)
08. Web site of Brazilian ‘Prefeitura Municipal de Jaqueira’ compromised, leads to fake Adobe Flash player
09. Malicious multi-hop iframe campaign affects thousands of Web sites, leads to a cocktail of client-side exploits
10. Vendor of TDoS products/services releases new multi-threaded SIP-based TDoS tool
11. Cybercriminals spamvertise tens of thousands of fake ‘Sent from my iPhone’ themed emails, expose users to malware
12. Fake ‘Annual Form (STD-261) – Authorization to Use Privately Owned Vehicle on State Business’ themed emails lead to malware
13. ‘Newly released proxy-supporting Origin brute-forcing tools targets users with weak passwords’
14. Fake WhatsApp ‘Voice Message Notification’ themed emails expose users to malware
15. Cybercriminals impersonate HSBC through fake ‘payment e-Advice’ themed emails, expose users to malware
16. Fake ‘MMS Gallery’ notifications impersonate T-Mobile U.K, expose users to malware
17. Fake ‘October’s Billing Address Code’ (BAC) form themed spam campaign leads to malware

This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.

No comments:

Post a Comment