A critical Facebook flaw exposed email address for any account, the discovery was made by Stephen Sclafani, security researcher and founder of PlayToWin. Another vulnerability menaces privacy of Facebook users allowing the disclosure of primary email address of any account. Stephen Sclafani, security researcher and founder of PlayToWin, described the attack technique in a blog post titled […]
Dancho Danchev profiled a new service harvests mobile phone numbers advertised in the underground, the vendor also proposing SMS spamming and phone number verification service. A new service harvests mobile phone numbers advertised in the underground is the demonstration that mobile is becoming a privileged target for cybercrime. Botnets, mobile malware, ransomware, DDoS applications and hacking […]
Bluebox Labs recently discovered an Android vulnerability in the OS’s security model that allows hackers to attack 99% of Android devices on the market. Android vulnerability allows app modification preserving signatures … this is the shocking discovery announced by Bluebox Labs. During this week we have had the opportunity to discuss about mobile botnets and […]
Information provided by the results of principal researches on the cybercrime reveals resources,motivations and methods and cost illegal operations. Fortinet has published early 2013 the Fortinet’s 2013 cybercrime report, an interesting study on cybercriminal ecosystem, identifying the operations, the motivations, the methods, the resource used and countermeasure adoptable to mitigate the cyber threats As demonstrated […]
Principal Security experts are confident that in the next months we will assist to the explosion for Android botnets and in general of mobile cyber threats. Mobile botnets are malicious infrastructures that are increasing with impressive trend especially the Android botnets, considering the capillary diffusion for the Google mobile OS. Android devices are in the hands […]
A new variant of Zeus trojan is offered for sale in the underground. It is a Self-propagating version that exploits Facebook, the RDP and the email. The criminal history taught us that after the diffusion of source code of malicious agent such as the popular Zeus it is possible to assist to a real explosion […]
Attacks-as-a-Service, Malware-as-a-Service and Fraud-as-a-Service, are all terms used to better qualify the complex evolution of cybercrime offer. Attacks-as-a-Service , Malware-as-a-Service and Fraud-as-a-Service are all terms commonly used for providing of illegal activities by cyber criminals. These models of sale represent the natural evolution of the offer in the underground that responds to a demand in constant growth. In the past we have discussed […]
US law enforcers suggest a kill switch for mobile devices to principal manufactures and Apple adapts. The idea of US law enforcers is the realization of a kill switch on mobile devices that would be used in case of theft. New York’s top prosecutor, State Attorney General Eric Schneiderman, and San Francisco District Attorney George Gascón promoted […]
Security firm Group-IB has discovered on an forum in the underground the sale for Carberp banking Trojan source code at $5K. Carberp banking Trojan is experiencing a new youth in the underground, in the last months investigation at security firm Group-IB have identified in an underground forum the resumption of sale for the malware. The version proposed […]
Security firm Trusteer detected a new variant of Zeus Trojan that steals funds and recruits Money Mules proposing jobs ads to the victims using Man-in-the-Browser (MitB) techniques. Zeus Trojan is becoming even more complex, its evolution is unpredictable due to the intense activity in the underground on its source code. Various forums in the underground offer customization […]