Archive for November, 2015

Blood-brain barrier

For the first time, doctors have breached the human brain’s protective layer to deliver cancer-fighting drugs. Continue reading

Macros Galore


The recent FBI announcement of the Dridex botnet take-down and the arrest of its administrator doesn’t mean email users will see the last of Dridex. We might see the reuse of similar phishing tactics with future malware. We have seen an overall slowdown in Dridex in recent months ever since its first noticeable Dridex campaigns in early 2015.

Continue reading

apple logo grey

Just over a month ago, iOS users were warned of the threat to their devices by the XcodeGhost malware. Apple quickly reacted, taking down infected apps from the App Store and releasing new security features to stop malicious activities. Through continuous monitoring of our customers’ networks, FireEye researchers have found that, despite the quick response, the threat of XcodeGhost has maintained persistence and been modified.

Continue reading

apple logo grey

FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display ads, allowing for potential malicious access to sensitive user data and device functionality.

Continue reading

No cellphones or computers can be brought inside the National Cryptologic School. And there’s no homework because it’s classified. Continue reading


Since early 2014, an attacker group of Iranian origin has been actively targeting persons of interest by means of malware infection, supported by persistent spear phishing campaigns. This cyber-espionage group was dubbed ‘Rocket Kitten,’ and remains active as of this writing, with reported attacks as recent as October 2015. Continue reading

screen Linux.Encoder.1 #drweb

Doctor Web warns users about new encryption ransomware targeting Linux operating systems. Judging from the directories in which the Trojan encrypts files, one can draw a conclusion that the main target of cybercriminals is website administrators whose machines have web servers deployed on.  Continue reading

Phishing for Employees in Russia


During the period August 27-30, 2015, Check Point sensors recorded a large amount of logs generated by the IPS protection “PHP Print Remote Shell Command Execution.” This was an interesting anomaly, as we do not usually see high volume of logs from this protection. Continue reading