The FBI has opened up its previously in-house malware analyzing tool to the public in order to crowdsource more samples for speedier response, according to The Register.
The post FBI opens malware tool for public “crowdsourcing†appeared first on We Live Security.
ESET research on Operation Windigo received an award at Virus Bulletin 2014. Our research on bootkits was also well received, and is now available publicly.
The post Bootkits, Windigo, and Virus Bulletin appeared first on We Live Security.
Researchers have discovered a variant of the CryptoWall ransomware that has a valid digital signature and is being distributed through malicious ads on several top-ranked Alexa Web sites. CryptoWall is one of the more successful ransomware strains in recent memory, with researchers estimating last month that the malware had grossed more than $1 million for […]
SEATTLE–The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others. The system is known as Malware Investigator and is designed to allow FBI agents and other authorized law enforcement users to upload suspicious files. […]
This week, a serious software vulnerability, which rapidly became known as the ‘Bash Bug’ or ‘Shellshock’ dominated the headlines, as two other faked news stories showed that hoaxes can fool the world very easily these days.
The post Week in security: Bash Bug, BlackEnergy and hoax attacks appeared first on We Live Security.
Two malware samples trying to exploit the Bash vulnerability, both DDoS bots, were snared in a honeypot belonging to AlienVault Labs.
Experts are concerned that many Linux-based industrial control systems and embedded systems could be too steep a patching challenge and remain in the crosshairs of the Bash vulnerability.
Reports of the first in-the-wild exploits targeting the Bash vulnerability have surfaced, as have complaints the first patches for the bug are incomplete.
SEATTLE–A typical phishing or Web-based malware attack usually isn’t terribly complex. But they need a few things in order to work, and one of the key components often is a malicious domain. Researchers spend a lot of time identifying and taking these domains down, but some researchers now are trying to stay a step ahead […]
A critical remote code execution vulnerability in Bash, present in almost all Linux, UNIX and Mac OS X deployments, has been discovered. Experts advise immediate patching.