ThreatTrack Security Labs – Page 2

CryptoWall 4 Targets Booking.com Customers

Posted on January 28, 2016 by ThreatTrack Security Labs

ThreatTrack Security Labs researchers caught wind of a phishing email masking itself as a Booking.com email. The malware-disguised email includes an “E-TICKET_CONFIRM.doc” attachment that, once downloaded, walks the user through steps to enable embedded macro codes that infect the computer with CryptoWall. How It Infects Your System: If users ignore Microsoft’s default security warning, the computer […]

The post CryptoWall 4 Targets Booking.com Customers appeared first on ThreatTrack Security Labs Blog.

Continue reading CryptoWall 4 Targets Booking.com Customers→

CryptoWall 4 Targets Booking.com Customers

Posted on January 28, 2016 by ThreatTrack Security Labs

The post CryptoWall 4 Targets Booking.com Customers appeared first on ThreatTrack Security Labs Blog.

Continue reading CryptoWall 4 Targets Booking.com Customers→

Dyre Botnet Using Malicious Microsoft Word Macros

Posted on May 11, 2015 by ThreatTrack Security Labs

The Dyre group, a major malware spam producer, has changed their initial malware dropper to utilize Microsoft Word document macros instead of the usual executable types, such as .exe files contained in a .zip. Dyre’s Hedsen spambot, responsible for the bulk of Upatre emails we’ve been tracking, now uses a template to send infected-macro Word files […]

The post Dyre Botnet Using Malicious Microsoft Word Macros appeared first on ThreatTrack Security Labs Blog.

Continue reading Dyre Botnet Using Malicious Microsoft Word Macros→

Dyre Botnet Using Malicious Microsoft Word Macros

Posted on May 11, 2015 by ThreatTrack Security Labs

The post Dyre Botnet Using Malicious Microsoft Word Macros appeared first on ThreatTrack Security Labs Blog.

Continue reading Dyre Botnet Using Malicious Microsoft Word Macros→

Microsoft Help File Malware Targets JPMorgan Chase Customers

Posted on May 7, 2015 by ThreatTrack Security Labs

A fresh malware sample was recently spotted using an attached Microsoft Compiled HTML (Help file) attached to spam messages. A Microsoft Help file is a binary file, which encompasses a set of HTML files; it usually has a .chm or .hlp extension. The malicious help file malware analyzed – a .chm file – arrived via spam […]

The post Microsoft Help File Malware Targets JPMorgan Chase Customers appeared first on ThreatTrack Security Labs Blog.

Continue reading Microsoft Help File Malware Targets JPMorgan Chase Customers→

Microsoft Help File Malware Targets JPMorgan Chase Customers

Posted on May 7, 2015 by ThreatTrack Security Labs

The post Microsoft Help File Malware Targets JPMorgan Chase Customers appeared first on ThreatTrack Security Labs Blog.

Continue reading Microsoft Help File Malware Targets JPMorgan Chase Customers→

Dyre Spreading Using Code-Signing Certificates, HTTPS

Posted on April 21, 2015 by ThreatTrack Security Labs

ThreatTrack Security Labs researchers have confirmed the credential-stealing Trojan Dyre is using a new dropper — and a valid digital certificate — to carry out its dirty work over HTTPS connections. The Ruckguv downloader works by injecting a dll into an instance of Windows Service Host (svchost.exe). Windows Service Host then uses HTTPS to download […]

The post Dyre Spreading Using Code-Signing Certificates, HTTPS appeared first on ThreatTrack Security Labs Blog.

Continue reading Dyre Spreading Using Code-Signing Certificates, HTTPS→

Dyre Spreading Using Code-Signing Certificates, HTTPS

Posted on April 21, 2015 by ThreatTrack Security Labs

The post Dyre Spreading Using Code-Signing Certificates, HTTPS appeared first on ThreatTrack Security Labs Blog.

Continue reading Dyre Spreading Using Code-Signing Certificates, HTTPS→

FREAK SSL Bug Forces Security Makers to Scramble for a Fix

Posted on March 10, 2015 by ThreatTrack Security Labs

On March 3, security researchers noted that an age-old SSL bug—in existence for more than 10 years—allows hackers under the right conditions to exploit a man-in-the-middle attack and gain access to potentially sensitive information. FREAK (Factoring RSA-EXPORT Keys) SSL relies on outdated ‘export grade’ cryptography settings, which are still contained within some web server code today. According […]

The post FREAK SSL Bug Forces Security Makers to Scramble for a Fix appeared first on ThreatTrack Security Labs Blog.

Continue reading FREAK SSL Bug Forces Security Makers to Scramble for a Fix→