Twitter, Facebook, Apple, Microsoft… who is left?
If we had to elaborate a list with the top tech companies who have being hacked in the last weeks, we should include all the ones in the title of this blog post, and maybe a few more cases we are still not aware of. The first one was Twitter. On February 1st Twitter published [...]
2 solutions for the latest Java vulnerability
Last week a new Java 0-Day was spotted in the wild . In short, anyone with Java installed and enabled in his browser could be easily infected while visiting any website that was using the exploit to take advantage of the latest Java’s security hole. What can we do to protect ourselves? I give you [...]
Java exploits reloaded
As you probably already know, we detected a 0-day vulnerability in Java 1.7 0 whereby the machine could be exploited by any malware for remote code execution. Only users who use this version of Java are were affected . Fortunately, Oracle has released an emergency update to prevent cybercriminals from taking advantage of it. One of the means the [...]
LinkedIn spam serving Adobe and Java exploits
Today we will be reviewing a cybercriminal’s recipe for success: Hacking LinkedIn’s password (and possibly user-) database. Sending an email to all obtained email addresses, which is urging you to check your LinkedIn inbox as soon as possible. A user unawarely clicking on the link. An exploit gets loaded. Malware gets dropped. Malware gets executed. [...]
Deobfuscating malicious code layer by layer
Article written by David Sánchez Lavado This post explains how to analyze the malicious code used in current Exploit Kits. There are many ways to analyze this type of code, and you can find tools that do most of the job automatically. However, as researchers who like to understand how things work, we are going [...]
Dont Get Caught by the Grinch on Twitter
Last year we documented the very first trending topic attack on Twitter. The attack is similar to a Blackhat SEO campaign, where criminals leverage the many hot topics discussed on the Internet in order to position their malware campaigns in highly visible places on Twitter. Earlier today we noticed over 300 Twitter accounts targeting various [...]
