Researcher Patrick Wardle of Synack is expected this week at CanSecWest to unveil malicious dylib attacks against Apple’s Mac OS X.
Tag Archives: Malware
Mozilla Releases Open Source Masche Forensics Tool
Mozilla has released an open source memory forensics tool that some college students designed and built during the company’s recent Winter of Security event. The new tool, known as Masche, is designed specifically for investigating server memory and has the advantage of being able to scan running processes without causing any problems with the machine. […]
Regin: Is Government Malware Stoppable After All?
What is Regin?
According to Virus Bulletin, we are looking at a multi-staged threat (like Stuxnet) that uses a modular approach (like Flame), a combination that makes it one of the most advanced threats ever detected. Researches show that Regin has been used in espionage campaigns for the last 6 years. This sophisticated backdoor Trojan affects Microsoft Windows NT, 2000, XP, Vista, and 7 and it is able to take control of input devices, capture credentials, monitor network traffic, and gather information on processes and memory utilization.
Regin mainly affects companies, research institutes, governmental organizations, and individuals who have access to networks of special interest. This is why Avira has worked together with the German Federal Office for Information Security (BSI) to add new Regin detection routines to the widely implemented and proven tool Avira PC Cleaner.
How can the Avira PC Cleaner help me?
The tool can now detect the identifiable elements of Regin and remove them from the infected system. “PC Cleaner came about as a result of the German anti-botnet “botfrei.de” initiative which is backed by the BSI. The software was also further developed with the support and know-how of the BSI. Users now have an easy-to-use tool available to them which can track down Regin malware”, explains Dr. Dirk Häger, head of operational network defense at the BSI. If PC Cleaner detects Regin, the affected system can be cleansed and the relevant files quarantined. Even after a successful system cleanup, it is worthwhile running further scans to make absolutely sure that Regin has not infiltrated other areas of the network. This also makes PC Cleaner an early warning tool. If Regin is detected, affected organizations should definitely think about taking further steps to protect their IT infrastructure.
The really unique feature about Avira PC Cleaner is that it doesn’t need to be installed. This means there are no conflicts with other vendors’ antivirus solutions installed on the computer. As such, PC Cleaner gives users the chance to get a second opinion. This is why it is also called a 2nd opinion scanner, although it isn’t a replacement for a fully-fledged antivirus solution. As a result, PC Cleaner is ideal for detecting Regin and for checking the computer for any other malicious software. It is based on the proven malware detection capabilities of Avira antivirus solutions of which there are millions of installs.
The post Regin: Is Government Malware Stoppable After All? appeared first on Avira Blog.
CryptoLocker Variant Coming After Gamers
A variant of CryptoLocker ransomware is targeting gamers, encrypting files associated with more than 20 popular titles in exchange for a Bitcoin payment.
Obama Administration Seeks More Legal Power to Disrupt Botnets
The federal government is seeking more legal power to step in and shut down botnets through an amendment to the existing criminal law, which would allow the Department of Justice to obtain injunctions to disrupt these malicious networks. The Obama administration has proposed an amendment to existing United Stated federal law that would give it […]
Equation APT Group Attack Platform A Study in Stealth
The EquationDrug cyberespionage platform is a complicated system that is used selectively against only certain target machines, one that can be extended via a collection of 116 malware plug-ins, researchers at Kaspersky Lab said.
CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS
DDoS attacks have been a persistent problem for the the better part of 20 years, and as ISPs and enterprises have adjusted their defenses, attackers have adapted their tactics. One of the more effective tools in the attackers’ arsenal now is the use of botnets to generate massive numbers of DNS queries for a target […]
CryptoFortress mimics TorrentLocker but is a different ransomware
ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.
The post CryptoFortress mimics TorrentLocker but is a different ransomware appeared first on We Live Security.
ESET’s Mark James on 2015’s security trends
how is 2015 shaping up in security? We caught up with ESET researcher Mark James to get his take on threats, security and how people should ensure their year is free of malware.
The post ESET’s Mark James on 2015’s security trends appeared first on We Live Security.
Dridex Banking Trojan Spreading Via Macros in XML Files
A phishing campaign that spiked this week is pushing the Dridex banking Trojan via malicious macros embedded in XML file attachments.