Categories
Security

Malware authors' continued use of stolen certificates isn't all bad news

A new malware campaign that uses two stolen code-signing certificates shows that such certificates continue to be popular among malware authors. But there is a positive side to malware authors’ use of stolen certificates.
More on Virus Bulletin’s blog.

Categories
Security

Necurs update reminds us that the botnet cannot be ignored

The operators of the Necurs botnet, best known for being one of the most prolific spam botnets of the past few years, have pushed out updates to its client, which provide some important lessons about why malware infections matter.
More on Virus Bulletin’s blog.

Categories
Security

We cannot ignore the increased use of IoT in domestic abuse cases

The New York Times reports that smart home devices are increasingly used in cases of domestic abuse.
Read more on Virus Bulletin’s blog.

Categories
Security

Subtle change could see a reduction in installation of malicious Chrome extensions

Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.
Read more on Virus Bulletin’s blog.

Categories
Security

Expired domain led to SpamCannibal's blacklist eating the whole world

The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.
Read more on Virus Bulletin’s blog.

Categories
Security

MnuBot banking trojan communicates via SQL server

Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.
Read more on Virus Bulletin’s blog.

Categories
Security

XMRig used in new macOS cryptominer

A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.
Read more on Virus Bulletin’s blog.

Categories
Security

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.
Read more on Virus Bulletin’s blog.

Categories
Security

We are more ready for IPv6 email than we may think

Though IPv6 is gradually replacing IPv4 on the Internet’s network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?
Read more on Virus Bulletin’s blog.

Categories
Security

Hide'n'Seek IoT botnet adds persistence

The Hide’n’Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.
Read more on Virus Bulletin’s blog.