• October 01, 2014
    After gathering more than 570 million tweets, it has been found that more than 33 million, or 5.8% of them had links to malicious content of some kind or another, including links to malware, spammed ads, and phishing pages.
  • September 28, 2014
    It seems like the floodgates have truly opened for Shellshock-related attacks. Another exploit attack has been detected, targeting a financial institution in China.
  • September 26, 2014
    Shellshock update: more attacks that exploit the Shellshock vulnerability have been detected, including exploit attempts in Brazil that seem to be targeting government institutions.
  • September 26, 2014
    There are new reports that mention incidents of botnet attacks that leveraged Shellshock against certain institutions. A botnet is a network of infected computers/systems.
  • September 26, 2014
    Shortly after the Bash vulnerability known as Shellshock was discovered, we've seen attacks using it to deliver DDoS malware onto Linux systems. Bigger, badder attacks are to be expected. What are some of the other potential scenarios?
  • September 25, 2014
    The Bash vulnerability was reportedly already being exploited in the wild, only several hours after news first broke out. At least one sampled malware is capable of launching distributed denial-of-service (DDoS) attacks.
  • September 25, 2014
    A serious vulnerability has been found in the Bash command shell commonly used by most Linux distributions. This vulnerability allows an attacker to run commands, such as remote code execution, on an affected system.
  • September 15, 2014
    The backdoor malware MIRAS got an upgrade from just running in 32-bit Windows operating system versions to 64-bit ones, expanding its victim range to more users of the OS. MIRAS is the same malware family linked to attacks against a Europe-based IT company.
  • September 15, 2014
    Certain versions of Google Wallet and Alipay in-app payment SDKs contain a vulnerability that could allow phishing attacks. Our analysis of the two SDKs describes the vulnerability in detail.